15 matches found
EUVD-2015-9275
Malware in sbrugna...
EUVD-2022-4638
Malicious code in bioql PyPI...
EUVD-2024-45991
Malicious code in bioql PyPI...
CVE-2024-52289
authentik is an open-source identity provider. Redirect URIs in the OAuth2 provider in authentik are checked by RegEx comparison. When no Redirect URIs are configured in a provider, authentik will automatically use the first redirect_uri value received as an allowed redirect URI, without escaping...
CVE-2015-9435
The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers...
CVE-2024-52289
authentik is an open-source identity provider. Redirect URIs in the OAuth2 provider in authentik are checked by RegEx comparison. When no Redirect URIs are configured in a provider, authentik will automatically use the first redirect_uri value received as an allowed redirect URI, without escaping...
Mule modules contain Directory Traversal
Directory Traversal in APIkit, http-connector, and OAuth2 Provider modules in Mulesoft 3.x, 4.x and Mulesoft API Gateway all versions released before August 1, 2019 allow remote attackers to read files accessible to the Mule process...
GHSA-MWH9-GR45-XVV4 Mule modules contain Directory Traversal
Directory Traversal in APIkit, http-connector, and OAuth2 Provider modules in Mulesoft 3.x, 4.x and Mulesoft API Gateway all versions released before August 1, 2019 allow remote attackers to read files accessible to the Mule process...
CVE-2015-9435
The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers...
Design/Logic Flaw
The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers...
CVE-2015-9435
The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers...
CVE-2015-9435
The CVE-2015-9435 entry concerns the WordPress plugin oauth2-provider (before 3.1.5). The vulnerability arises from incorrect generation of random numbers (insecure pseudorandom number generation) in the plugin, as documented across multiple sources. Impact ranges from Partial confidentiality, in...
CVE-2019-15630
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow...
Directory traversal
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow...
CVE-2019-15630
CVE-2019-15630 describes a directory traversal vulnerability affecting MuleSoft products: APIkit, HTTP connector, and OAuth2 Provider components in Mule Runtime 3.x/4.x and all MuleSoft API Gateway versions released before August 1, 2019. The issue permits remote attackers to read files accessibl...