Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.5 views

PT-2024-12955 · Unknown · Woocommerce Support System

Name of the Vulnerable Software and Affected Versions: WooCommerce Support System versions 1.2.0 through 1.2.2 Description: A Cross-Site Request Forgery CSRF issue affects the WooCommerce Support System, allowing unauthorized actions. Users are advised to update to the latest version to mitigate...

6.5CVSS9.5AI score0.0026EPSS
Exploits0References9
OSV
OSV
added 2024/03/20 4:15 a.m.2 views

UBUNTU-CVE-2024-22258

Spring Authorization Server versions 1.0.0 - 1.0.5, 1.1.0 - 1.1.5, 1.2.0 - 1.2.2 and older unsupported versions are susceptible to a PKCE Downgrade Attack for Confidential Clients. Specifically, an application is vulnerable when a Confidential Client uses PKCE for the Authorization Code Grant. An...

6.1CVSS5.8AI score0.00522EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/20 12:0 a.m.6 views

Spring Authorization Server Security Vulnerability

VMware Spring Authorization Server is a framework for building secure OAuth 2.0 and OpenID Connect 1.0 authorization servers from VMware. A security vulnerability exists in Spring Authorization Server that stems from the vulnerability of an application to a PKCE downgrade attack when the PKCE...

6.1CVSS6.9AI score0.00522EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2018/10/18 4:57 p.m.8 views

org.apache.cxf.fediz.examples:springPreauthWebapp (>=1.2.0 <=1.2.2), org.apache.cxf.fediz.examples:springWebapp (>=1.2.0 <=1.2.2) +3 more potentially affected by CVE-2016-4464 via org.apache.cxf.fediz:fediz-spring (>=1.2.0 <=1.2.2)

org.apache.cxf.fediz:fediz-spring MAVEN version =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.2 Source cves: CVE-2016-4464 Source advisory: OSV:GHSA-QPWJ-MVV7-V3M9...

9.8CVSS7.2AI score0.03986EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/10/18 4:57 p.m.5 views

org.apache.cxf.fediz.examples:spring2Webapp (>=1.2.0 <=1.2.2), org.apache.cxf.fediz.systests.webapps:fediz-systests-webapps-spring2 (>=1.2.0 <=1.2.2) +1 more potentially affected by CVE-2016-4464 via org.apache.cxf.fediz:fediz-spring2 (>=1.2.0 <=1.2.2)

org.apache.cxf.fediz:fediz-spring2 MAVEN version =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.2 Source cves: CVE-2016-4464 Source advisory: OSV:GHSA-QPWJ-MVV7-V3M9...

9.8CVSS7.2AI score0.03986EPSS
Exploits0
Rows per page
Query Builder