6 matches found
GeoNode 代码问题漏洞
GeoNode is an open-source platform developed by GeoNode, designed to facilitate the creation, sharing, and collaborative use of geospatial data. Versions of GeoNode prior to 4.4.5 and 5.0.2 contained code vulnerabilities. These vulnerabilities stemmed from insufficient validation of service...
CVE-2026-33890
MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.71, an unauthenticated attacker can register an arbitrary passkey and subsequently authenticate with it to obtain a full admin session. The application exposes passkey registration endpoints without...
Insecure Token Validation
keycloak-services is vulnerable to Insecure Token validation. The vulnerability exists because the verifyToken function in ClientRegistrationTokenUtils.java does not properly validate the client tokens for possible revocations in its client credential flow, allowing an attacker to access or modif...
GHSA-MRQ8-53R4-3J5M Permissive parameters and privilege escalation
An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability. In particular, "registration" endpoints e.g., creating, editing, updating allow users to update any coherencefields data. For example, users can automatically confirm their accounts ...
Permissive parameters and privilege escalation
An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability. In particular, "registration" endpoints e.g., creating, editing, updating allow users to update any coherencefields data. For example, users can automatically confirm their accounts ...
CVE-2018-20301
An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability. In particular, "registration" endpoints e.g., creating, editing, updating allow users to update any coherencefields data. For example, users can automatically confirm their accounts ...