Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6544 | 1 Redhat | 3 Build Keycloak, Red Hat Single Sign On, Rhosemc | 2025-08-07 | 5.4 Medium |
| A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized. | ||||
| CVE-2023-43494 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 4.3 Medium |
| Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not exclude sensitive build variables (e.g., password parameter values) from the search in the build history widget, allowing attackers with Item/Read permission to obtain values of sensitive variables used in builds by iteratively testing different characters until the correct sequence is discovered. | ||||
| CVE-2020-8910 | 1 Google | 1 Closure Library | 2024-11-21 | 6.5 Medium |
| A URL parsing issue in goog.uri of the Google Closure Library versions up to and including v20200224 allows an attacker to send malicious URLs to be parsed by the library and return the wrong authority. Mitigation: update your library to version v20200315. | ||||
| CVE-2018-8926 | 1 Synology | 1 Photo Station | 2024-11-21 | N/A |
| Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter. | ||||
Page 1 of 1.