CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

32 matches found

Snyk•added 2026/04/22 5:6 p.m.•2 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication due to the SkipClientIDCheck configuration in the OIDC authentication provider, which disables audience claim validation. An attacker can gain unauthorized access by presenting a token issued for a different...

9.2CVSS5.5AI score0.00068EPSS

Exploits0References2

RedhatCVE•added 2025/12/11 8:2 a.m.•1 views

CVE-2025-12952

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

8.7CVSS7.1AI score0.00071EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-9203

Malware in sbrugna...

4.3CVSS4.6AI score0.00123EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-0946

Malicious code in bioql PyPI...

6.8CVSS5.9AI score0.00381EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-19523

Malicious code in bioql PyPI...

9.8CVSS9AI score0.00295EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:14 a.m.•3 views

CVE-2018-17450

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery SSRF via the Kubernetes integration, leading for example to disclosure of a GCP service token...

4.3CVSS6.5AI score0.00123EPSS

Exploits0References1

Tenable Nessus•added 2024/02/05 12:0 a.m.•77 views

Rockwell FactoryTalk Services Platform < 6.40 Authentication Bypass

The version of Rockwell FactoryTalk Services Platform installed on the remote Windows host is prior to 6.40. It is, therefore, affected by a vulnerability. - A vulnerability exists in Rockwell Automation FactoryTalkÂ® Service Platform that allows a malicious user to obtain the service token and u...

9.8CVSS8.5AI score0.00295EPSS

Exploits0References2

NCSC•added 2024/02/01 12:0 a.m.•1 views

Vulnerability fixed in Rockwell Automation FactoryTalk

Rockwell Automation has fixed a vulnerability in FactoryTalk Service Platform. A malicious party could exploit the vulnerability to obtain the Service Token to gain unauthorized access gain unauthorized access to other FactoryTalk systems connected to the infrastructure. Once gained access, the...

9.8CVSS8AI score0.00295EPSS

Exploits0

CNNVD•added 2024/01/31 12:0 a.m.•1 views

Rockwell Automation FactoryTalk Services Platform 数据伪造问题漏洞

Rockwell Automation FactoryTalk Services Platform is a suite of services platforms from Rockwell Automation, USA, consisting of multiple products that provide applications with routine services such as diagnostic information, health monitoring, and real-time data access. A security vulnerability...

9.8CVSS7.4AI score0.00295EPSS

Exploits0References2

Positive Technologies•added 2024/01/30 12:0 a.m.•1 views

PT-2024-1615

Name of the Vulnerable Software and Affected Versions Rockwell Automation FactoryTalk Service Platform affected versions not specified Description The issue is related to incorrect cryptographic signature verification in the FactoryTalk Services Platform, which can allow a remote attacker to gain...

9.8CVSS9.4AI score0.00295EPSS

Exploits0References10

NVD•added 2023/04/15 11:15 p.m.•14 views

CVE-2018-17450

4.3CVSS4.3AI score0.00123EPSS

Exploits0References2

OSV•added 2023/04/15 11:15 p.m.•15 views

CVE-2018-17450

4.3CVSS4.6AI score

Exploits0References2

Prion•added 2023/04/15 11:15 p.m.•13 views

Server side request forgery (ssrf)

4CVSS4.6AI score0.00123EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/04/15 12:0 a.m.•3 views

CVE-2018-17450

4.3AI score0.00123EPSS

Exploits0References2

Positive Technologies•added 2023/04/15 12:0 a.m.•0 views

PT-2023-10697 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab Community and Enterprise Edition versions 11.1.7 and earlier, 11.2.x before 11.2.4, 11.3.x before 11.3.1 Description: The issue is related to Server-Side Request Forgery SSRF via the Kubernetes integration. This can lead to the...

4.3CVSS4.4AI score0.00123EPSS

Exploits0References6

Debian CVE•added 2023/04/15 12:0 a.m.•18 views

CVE-2018-17450

Removed by vendor...

4.3CVSS5.8AI score0.00123EPSS

Exploits0

Cvelist•added 2023/04/15 12:0 a.m.•14 views

CVE-2018-17450

4.6AI score0.00123EPSS

Exploits0References2

Github Security Blog•added 2023/03/07 12:30 a.m.•27 views

Moodle Cross-site Scripting vulnerability

In Moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk...

5.4CVSS5.5AI score0.00823EPSS

Exploits0References3Affected Software1

OSV•added 2022/04/27 4:15 p.m.•0 views

CVE-2021-38919

IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users. IBM X-Force ID: 210021...

7.5CVSS6.5AI score0.00359EPSS

Exploits0References2

CNNVD•added 2021/12/08 12:0 a.m.•1 views

Fortinet FortiAuthenticator 信息泄露漏洞

Fortinet FortiAuthenticator is a centralized user identity management solution from Fortinet. An information disclosure vulnerability exists in Fortinet FortiAuthenticator that originates from the product allowing an LDAP user token to be copied to obtain sensitive information...

8.3CVSS6.5AI score0.00395EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by