Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2025/12/17 8:57 p.m.9 views

Auth0 WordPress has Improper Audience Validation via Auth0-PHP SDK Dependency

Description In applications built with the Auth0-PHP SDK, the audience validation in access tokens is performed improperly. Without proper validation, affected applications may accept ID tokens as Access tokens. Affected product and versions Projects are affected if they meet the following...

6.9AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/10/01 9:21 p.m.8 views

Auth0 Symfony SDK Does Not Properly Handle File Types in Bulk User Import

Overview In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs. Am I affected? You are affected by this vulnerability if you meet the...

3.3CVSS7.1AI score0.00329EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/07/21 10:15 a.m.1 views

DEBIAN-CVE-2025-49656

Users with administrator access can create databases files outside the files area of the Fuseki server. This issue affects Apache Jena version up to 5.4.0. Users are recommended to upgrade to version 5.5.0, which fixes the issue...

7.5CVSS4.8AI score0.01401EPSS
Exploits0References1
OSV
OSV
added 2024/11/06 7:11 p.m.4 views

CVE-2024-51751 Arbitrary file read with File and UploadButton components in Gradio

Gradio is an open-source Python package designed to enable quick builds of a demo or web application. If File or UploadButton components are used as a part of Gradio application to preview file content, an attacker with access to the application might abuse these components to read arbitrary file...

6.5CVSS6.6AI score0.00672EPSS
Exploits1References3
Elastic
Elastic
added 2017/07/06 5:46 p.m.5 views

Elastic Stack 5.5 Security update

Elasticsearch X-Pack Security user credentials disclosure ESA-2017-10 Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL keys that were configured as...

6.5CVSS6.7AI score0.00924EPSS
Exploits0
Rows per page
Query Builder