Lucene search
+L

4 matches found

Snyk
Snyk
added 2026/04/09 6:31 p.m.8 views

Use of GET Request Method With Sensitive Query Strings

Overview org.apache.openmeetings:openmeetings-parent is a web-conferencing software. Affected versions of this package are vulnerable to Use of GET Request Method With Sensitive Query Strings via the REST login endpoint when sensitive information such as username and password is transmitted as...

8.7CVSS5.8AI score0.00509EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/09 6:31 p.m.7 views

Use of Hard-coded Cryptographic Key

Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the remember-me cookie encryption key and salt. An attacker can obtain full user credentials by stealing a cookie from a logged-in user if the default encryption key has not been changed. Remediati...

8.7CVSS5.8AI score0.00234EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/09 3:52 p.m.1 views

CVE-2026-33266

Use of Hard-coded Cryptographic Key vulnerability in Apache OpenMeetings. The remember-me cookie encryption key is set to default value in openmeetings.properties and not being auto-rotated. In case OM admin hasn't changed the default encryption key, an attacker who has stolen a cookie from a...

5.9AI score0.00234EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2024/11/12 11:1 p.m.3 views

Unchecked Input for Loop Condition

Overview System.Formats.Nrbf is a package that exposes only one component: NrbfDecoder: a stateless, forward-only decoder class that can decode .NET Remoting Binary Format NRBF binary data from a stream. Affected versions of this package are vulnerable to Unchecked Input for Loop Condition via th...

8.7CVSS6.9AI score0.02559EPSS
Exploits0References2
Rows per page
Query Builder