Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/02/04 7:46 p.m.6 views

Devtron Attributes API Unauthorized Access Leading to API Token Signing Key Leakage

Devtron Attributes API Unauthorized Access Leading to API Token Signing Key Leakage Summary This vulnerability exists in Devtron's Attributes API interface, allowing any authenticated user including low-privileged CI/CD Developers to obtain the global API Token signing key by accessing the...

8.8CVSS5.9AI score0.00393EPSS
Exploits1References4Affected Software1
GithubExploit
GithubExploit
added 2025/12/13 3:7 p.m.174 views

glider_StakedUSDeV2

StakedUSDeV2 Uninitialized Role Variable PoC Vulnerability...

7.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/01/24 6:27 p.m.7 views

JBoss: AuthorizationInterceptor allows JMX operation to proceed despite authorization failure

The AuthorizationInterceptor in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 does not properly restrict access, which allows remote authenticated users to bypass intended role restrictions and...

4.9CVSS6.4AI score0.02178EPSS
Exploits0References4
CVE
CVE
added 2010/04/29 9:0 p.m.58 views

CVE-2010-1617

CVE-2010-1617 (Moodle) : A flaw in Moodle’s access check on user/view.php allows remote authenticated users to obtain the full names of other users via the course profile page. Affected: Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8. Exploitation context and impact are stated in multiple advi...

4CVSS6AI score0.01525EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder