Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-56091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. This...

8.2CVSS5.8AI score0.00422EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-56091

When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. This vulnerability is similar to https://vulners.com/cve/CVE-2020-1957 https://www.cve.org/CVERecord , except that it affects the shiro-guice module...

8.2CVSS0.00422EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 8:45 a.m.14 views

EUVD-2026-39230

When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. This vulnerability is similar to https://vulners.com/cve/CVE-2020-1957 https://www.cve.org/CVERecord , except that it affects the shiro-guice module...

9.8CVSS5.9AI score0.24163EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/25 8:45 a.m.27 views

CVE-2026-56091 Apache Shiro: Authentication bypass in Guice-Web integration

When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. This vulnerability is similar to https://vulners.com/cve/CVE-2020-1957 https://www.cve.org/CVERecord , except that it affects the shiro-guice module...

8.2CVSS0.00422EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:45 a.m.8 views

CVE-2026-56091

When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. This vulnerability is similar to https://vulners.com/cve/CVE-2020-1957 https://www.cve.org/CVERecord , except that it affects the shiro-guice module...

8.2CVSS5.9AI score0.00422EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/25 8:45 a.m.22 views

CVE-2026-56091

CVE-2026-56091 involves Apache Shiro when used with the shiro-guice module in a web servlet context. A specially crafted HTTP request may cause an authentication bypass. Affected: all Apache Shiro versions through 2.x; 3.0.0-alpha-1 is affected when using shiro-guice in this context. Remediation:...

8.2CVSS5.9AI score0.00422EPSS
Exploits0References1
NVD
NVD
added 2026/04/26 7:16 a.m.9 views

CVE-2026-7024

A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...

5.5CVSS0.00372EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2025/10/16 4:26 a.m.7 views

CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-54253 CVSS score:...

10CVSS9.7AI score0.87515EPSS
Exploits8
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2017-14449

Malware in sbrugna...

9.8CVSS9.3AI score0.06304EPSS
Exploits6References8
Positive Technologies
Positive Technologies
added 2021/10/13 12:0 a.m.7 views

PT-2021-8121 · Draytek · Draytek Vigorconnect

Name of the Vulnerable Software and Affected Versions: Draytek VigorConnect version 1.6.0-B3 Description: A local file inclusion vulnerability exists in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary...

7.8CVSS6.6AI score0.74279EPSS
Exploits3References35
RedHat Linux
RedHat Linux
added 2018/12/11 2:12 p.m.3 views

jolokia: Cross site scripting in the HTTP servlet

An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser...

6.1CVSS5.9AI score0.25459EPSS
Exploits1References5
CNVD
CNVD
added 2018/03/19 12:0 a.m.5 views

Jolokia Agent Cross-Site Scripting Vulnerability

Jolokia is a use of JSON via Http to achieve JMX remote management of open source projects , it provides JMX batch operation , security policies , etc. Jolokia agent is one of the agent . Jolokia agent 1.3.7 version of the HTTP servlet has a cross-site scripting vulnerability . A remote attacker...

6.1CVSS6.6AI score0.25459EPSS
Exploits1References1
Rows per page
Query Builder