Lucene search
K

11 matches found

Snyk
Snyk
added 2026/04/02 3:31 p.m.3 views

Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Incorrect Behavior Order: Authorization Before Parsing and Canonicalization via the UMA Policy Resource user...

8.6CVSS5.9AI score0.00346EPSS
Exploits1References2
OSV
OSV
added 2018/10/17 5:22 p.m.21 views

GHSA-758M-6G3Q-G3HH Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character

Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character - like mytest, test.txt. This can result in unintended behavior...

9.8CVSS9.4AI score0.04198EPSS
Exploits1References4
Prion
Prion
added 2017/06/14 5:29 p.m.13 views

Design/Logic Flaw

Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character - like mytest, test.txt. This can result in unintended behavior...

7.5CVSS9.4AI score0.04198EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2017/06/14 5:29 p.m.18 views

CVE-2017-7676

Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character - like mytest, test.txt. This can result in unintended behavior...

9.8CVSS6.8AI score
Exploits0References2
Cvelist
Cvelist
added 2017/06/14 5:0 p.m.15 views

CVE-2017-7676

Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character - like mytest, test.txt. This can result in unintended behavior...

9.5AI score0.04198EPSS
Exploits1References2
Veracode
Veracode
added 2017/06/08 6:11 a.m.17 views

Unintended Behaviours

ranger-plugins-common is vulnerable to unintended behaviors. It is possible because the policy resource matcher does not properly handle the policies with characters after a wildcard character, leading to unintended behaviors...

9.8CVSS6.6AI score0.04198EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2015/07/23 12:0 a.m.1 views

Cisco Videoscape Policy Resource Manager Denial of Service Vulnerability

Cisco Videoscape Policy Resource Manager is a suite of video service management software from Cisco. The software supports access to session, resource, and policy information across QAM and IP environments. A denial of service vulnerability exists in Cisco Videoscape Policy Resource Manager 3.5.4...

7.8CVSS6.7AI score0.0136EPSS
Exploits0References1
Prion
Prion
added 2015/07/21 2:59 p.m.14 views

Code injection

Cisco Videoscape Policy Resource Manager PRM 3.5.4 allows remote attackers to cause a denial of service CPU and memory consumption, and TCP service outage via 1 a SYN flood or 2 another type of TCP traffic flood, aka Bug IDs CSCuu35104 and CSCuu35128...

7.8CVSS7.2AI score0.0136EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/07/21 2:0 p.m.17 views

CVE-2015-4283

Cisco Videoscape Policy Resource Manager PRM 3.5.4 allows remote attackers to cause a denial of service CPU and memory consumption, and TCP service outage via 1 a SYN flood or 2 another type of TCP traffic flood, aka Bug IDs CSCuu35104 and CSCuu35128...

6.7AI score0.0136EPSS
Exploits0References2
CVE
CVE
added 2015/07/21 2:0 p.m.44 views

CVE-2015-4283

Cisco Videoscape Policy Resource Manager (PRM) 3.5.4 is affected by a denial-of-service in the TCP module due to lack of rate limiting in the TCP listening application. An unauthenticated remote attacker can exploit via a TCP SYN flood or similar traffic to exhaust CPU/memory and disrupt TCP serv...

7.8CVSS6.9AI score0.0136EPSS
Exploits0References2Affected Software1
Cisco
Cisco
added 2015/07/20 8:58 p.m.34 views

Cisco Videoscape Policy Resource Manager Denial of Service Vulnerability

A vulnerability in the TCP module of the Cisco Videoscape Policy Resource Manager PRM product could allow an unauthenticated, remote attacker to disable TCP ports and cause an increase in CPU and memory usage. The vulnerability is due to a lack of rate limiting in the TCP listening application. A...

5CVSS6.6AI score0.0136EPSS
Exploits0References1
Rows per page
Query Builder