Lucene search
+L

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-3254

Malware in sbrugna...

6.5CVSS6.5AI score0.00862EPSS
Exploits0References2
Prion
Prion
added 2017/05/25 5:29 p.m.21 views

Code injection

The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions prior to 1.5.19 AND 1.6.x versions prior to 1.6.20 are not cleansing request URL paths when they are invalid and are returning them in the 404 response. This could allow malicious scripts t...

4.3CVSS7AI score0.00862EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2017/05/25 5:29 p.m.23 views

CVE-2016-0781

The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and Pivotal Elastic Runtime 1.6.x versions prior to 1.6.20 are vulnerable to an XSS attack by specifying malicious java script content in eith...

6.1CVSS6AI score0.00656EPSS
Exploits0References1
OSV
OSV
added 2017/05/25 5:29 p.m.19 views

CVE-2016-2165

The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions prior to 1.5.19 AND 1.6.x versions prior to 1.6.20 are not cleansing request URL paths when they are invalid and are returning them in the 404 response. This could allow malicious scripts t...

6.5CVSS6.7AI score0.00862EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/05/25 5:0 p.m.26 views

CVE-2016-0781

The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and Pivotal Elastic Runtime 1.6.x versions prior to 1.6.20 are vulnerable to an XSS attack by specifying malicious java script content in eith...

6AI score0.00656EPSS
Exploits0References1
CVE
CVE
added 2017/05/25 5:0 p.m.46 views

CVE-2016-0781

The CVE-2016-0781 issue affects Cloud Foundry ecosystem components: UAA OAuth approval pages in Cloud Foundry v208–v231, Login-server v1.6–v1.14, UAA v2.0.0–v2.7.4.1, UAA v3.0.0–v3.2.0, UAA-Release v2–v7, and Pivotal Elastic Runtime 1.6.x before 1.6.20. The vulnerability is an XSS flaw introduced...

6.1CVSS5.9AI score0.00656EPSS
Exploits0References1Affected Software5
Rows per page
Query Builder