Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pivotal software vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-11292
Pivotal Ops Manager, versions 2.4.x before 2.4.27, 2.5.x before 2.5.24, 2.6.x before 2.6.16, and 2.7.x before 2.7.5, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as w...
Pivotal Software Operations Manager
6.5
CVSSv3
CVE-2019-3778
Spring Security OAuth, versions 2.3 before 2.3.5, and 2.2 before 2.2.4, and 2.1 before 2.1.4, and 2.0 before 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a requ...
Pivotal Software Spring Security Oauth
Oracle Banking Corporate Lending 14.1.0
Oracle Banking Corporate Lending 14.3.0
Oracle Banking Corporate Lending 14.4.0
1 EDB exploit
2 Github repositories
6.5
CVSSv3
CVE-2018-1279
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to...
Pivotal Software Rabbitmq
1 Github repository
6.5
CVSSv3
CVE-2018-11044
Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x before 2.2.1 and 2.1.x before 2.1.8 and 2.0.x before 2.0.17 and 1.12.x before 1.12.26, does not escape all user-provided content when sending invitation emails. A malicious authenticated user can inject ...
Pivotal Software Pivotal Application Service
6.5
CVSSv3
CVE-2018-11046
Pivotal Operations Manager, versions 2.1.x before 2.1.6 and version 2.0.14, includes NGINX packages that lacks security vulnerability patches. An attacker with access to the NGINX processes and knowledge of how to exploit the unpatched vulnerabilities may be able to impact Operat...
Pivotal Software Operations Manager
Pivotal Software Operations Manager 2.0.14
6.5
CVSSv3
CVE-2018-1276
Windows 2012R2 stemcells, versions before 1200.17, contain an information exposure vulnerability on vSphere. A remote user with the ability to push apps can execute crafted commands to read the IaaS metadata from the VM, which may contain BOSH credentials.
Pivotal Software Windows Stemcells
6.5
CVSSv3
CVE-2018-1278
Apps Manager included in Pivotal Application Service, versions 1.12.x before 1.12.22, 2.0.x before 2.0.13, and 2.1.x before 2.1.4 contains an authorization enforcement vulnerability. A member of any org is able to create invitations to any org for which the org GUID can be discov...
Pivotal Software Pivotal Application Service
6.5
CVSSv3
CVE-2018-1200
Apps Manager for PCF (Pivotal Application Service 1.11.x prior to 1.11.26, 1.12.x prior to 1.12.14, and 2.0.x prior to 2.0.5) allows unprivileged remote file read in its container via specially-crafted links.
Pivotal Software Pivotal Application Service
6.5
CVSSv3
CVE-2017-4974
An issue exists in Cloud Foundry Foundation cf-release versions prior to v258; UAA release 2.x versions prior to v2.7.4.15, 3.6.x versions prior to v3.6.9, 3.9.x versions prior to v3.9.11, and other versions prior to v3.16.0; and UAA bosh release (uaa-release) 13.x versions prior...
Pivotal Software Cloud Foundry Uaa 3.6.6
Pivotal Software Cloud Foundry Uaa 3.6.4
Pivotal Software Cloud Foundry Uaa 3.9.8
Pivotal Software Cloud Foundry Uaa 3.9.5
Pivotal Software Cloud Foundry Uaa 2.7.4.13
Pivotal Software Cloud Foundry Uaa 2.2.5.4
Pivotal Software Cloud Foundry Uaa 2.7.4.4
Pivotal Software Cloud Foundry Uaa 2.7.4.5
Pivotal Software Cloud Foundry Uaa 3.9.10
Pivotal Software Cloud Foundry Uaa 2.7.1
Pivotal Software Cloud Foundry Uaa 2.7.3
Pivotal Software Cloud Foundry Uaa 2.7.4
Pivotal Software Cloud Foundry Uaa 2.7.4.1
Pivotal Software Cloud Foundry Uaa 2.7.4.2
Pivotal Software Cloud Foundry Uaa 2.7.4.3
Pivotal Software Cloud Foundry Uaa 2.7.4.7
Pivotal Software Cloud Foundry Uaa 2.7.4.12
Pivotal Software Cloud Foundry Uaa 3.6.2
Pivotal Software Cloud Foundry Uaa 3.6.5
Pivotal Software Cloud Foundry Uaa 3.6.7
Pivotal Software Cloud Foundry Uaa 3.6.8
Pivotal Software Cloud Foundry Uaa 3.9.2
6.5
CVSSv3
CVE-2016-2165
The Loggregator Traffic Controller endpoints in cf-release v231 and lower, Pivotal Elastic Runtime versions before 1.5.19 AND 1.6.x versions before 1.6.20 are not cleansing request URL paths when they are invalid and are returning them in the 404 response. This could allow malici...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Elastic Runtime 1.6.0
Pivotal Software Cloud Foundry Elastic Runtime 1.6.1
Pivotal Software Cloud Foundry Elastic Runtime 1.6.2
Pivotal Software Cloud Foundry Elastic Runtime 1.6.3
Pivotal Software Cloud Foundry Elastic Runtime 1.6.4
Pivotal Software Cloud Foundry Elastic Runtime 1.6.5
Pivotal Software Cloud Foundry Elastic Runtime 1.6.6
Pivotal Software Cloud Foundry Elastic Runtime 1.6.7
Pivotal Software Cloud Foundry Elastic Runtime 1.6.8
Pivotal Software Cloud Foundry Elastic Runtime 1.6.9
Pivotal Software Cloud Foundry Elastic Runtime 1.6.10
Pivotal Software Cloud Foundry Elastic Runtime 1.6.11
Pivotal Software Cloud Foundry Elastic Runtime 1.6.12
Pivotal Software Cloud Foundry Elastic Runtime 1.6.13
Pivotal Software Cloud Foundry Elastic Runtime 1.6.14
Pivotal Software Cloud Foundry Elastic Runtime 1.6.15
Pivotal Software Cloud Foundry Elastic Runtime 1.6.16
Pivotal Software Cloud Foundry Elastic Runtime 1.6.17
Pivotal Software Cloud Foundry Elastic Runtime 1.6.18
Pivotal Software Cloud Foundry Elastic Runtime 1.6.19
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »