Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ApacheAurora

2 matches found

CVE
CVEadded 2024/02/27 2:29 p.m.3571 views

CVE-2024-27905

Apache Aurora is affected by a vulnerability described as an exposure of sensitive information to an unauthenticated actor, arising from an endpoint that exposes internals and can function as a padding oracle to craft a valid authentication cookie. The issue can potentially be combined with other...

9.1CVSS9.6AI score0.02046EPSS
CVE
CVEadded 2016/06/07 2:0 p.m.1223 views

CVE-2016-4437

The CVE-2016-4437 issue affects Apache Shiro before 1.2.5 when no cipher key is configured for the rememberMe feature, enabling remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter. Public advisories describe an RCE condition with ...

9.8CVSS8.3AI score0.94251EPSS
In wildWeb