Lucene search
+L

24 matches found

susecve
susecve
added 2023/02/15 5:4 a.m.3 views

SUSE CVE-2016-3956

The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers...

7.5CVSS6.8AI score0.06748EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2020/07/03 12:0 a.m.6 views

The vulnerability of the Microsoft Visual Studio Code Live Share Extension, related to the lack of data protection for service data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Visual Studio Code Live Share Extension relates to the lack of protection for service data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information by intercepting tokens from the client to...

5.9CVSS6.8AI score0.02826EPSS
Exploits0References2
cnvd
cnvd
added 2018/05/25 12:0 a.m.6 views

Accellion kiteworks authentication bypass vulnerability

Accellion kiteworks is a next-generation mobile file sharing and collaboration platform that improves enterprise productivity and security. An authentication bypass vulnerability exists in versions of Accellion kiteworks prior to 2017.01.00. A remote attacker could exploit the vulnerability by...

6.5CVSS6.8AI score0.01065EPSS
Exploits0References1
osv
osv
added 2017/01/23 9:59 p.m.4 views

DEBIAN-CVE-2016-6582

The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers to conduct replay attacks or revoke arbitrary tokens by leveraging failure to implement the OAuth 2.0 Token Revocation specification...

9.1CVSS9.3AI score0.04723EPSS
Exploits0References1
Rows per page
Query Builder