Lucene search
K

4 matches found

OSV
OSV
added 2026/06/08 10:59 p.m.14 views

GHSA-CMM3-54F8-PX4J Netty's Default QUIC token handler accepts any client-supplied token

NoQuicTokenHandler is the tokenHandler used when the application does not set one. Its writeToken returns false server will not send Retry — acceptable, but validateToken unconditionally return 0. In QuicheQuicServerCodec.handlePacket, a non-negative return from validateToken is interpreted as...

7.5CVSS5.4AI score0.00143EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/06 4:14 p.m.9 views

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS5.8AI score0.00867EPSS
Exploits1References5
OSV
OSV
added 2020/06/30 12:15 p.m.2 views

UBUNTU-CVE-2020-15400

CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS...

4.3CVSS5.7AI score0.00446EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2008/08/12 12:0 a.m.604 views

Joomla! 1.5.x - 'Token' Remote Admin Change Password

Joomla 1.5.x Remote Admin Password Change Author: d3m0n [email protected] Greets: GregStar, gorion, d3d!k Polish "hackers" used this bug to deface turkish sites BUAHAHHA nice 0-day pff File : /components/comuser/controller.php Line : 379-399 function confirmreset // Check for request forgeries...

7.4AI score
Exploits0
Rows per page
Query Builder