Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pivotal application service vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-11270
Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes t...
Pivotal Software Cloud Foundry Uaa
Pivotal Software Operations Manager
Pivotal Software Application Service
7.8
CVSSv3
CVE-2019-3800
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is t...
Pivotal Cloud Foundry Notifications
Pivotal Cloud Foundry Log Cache Release
Pivotal Cloud Foundry Deployment Concourse Tasks
Pivotal Cloud Foundry Deployment
Pivotal Cloud Foundry Smoke Test
Pivotal Cloud Foundry Routing Release
Pivotal Cloud Foundry Networking Release
Pivotal Cloud Foundry Command Line Interface Release
Pivotal Cloud Foundry Command Line Interface
Pivotal Pivotal Cloud Foundry Service Broker
Pivotal On Demand Service Broker
Pivotal Metric Registrar Release
Pivotal Credhub Service Broker For Pcf
Pivotal Cloud Foundry Autoscaling Release
Pivotal Cloud Foundry Event Alerts
Pivotal Application Service
Pivotal Cloud Foundry Healthwatch
Pivotal Single Sign-on
Apigee Edge Service Broker
Newrelic Dotnet Extension Buildpack
Microsoft Azure Service Broker
Appdynamics Application Analytics
8.8
CVSSv3
CVE-2018-15763
Pivotal Container Service, versions before 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs. A malicious user with access to application logs may be able to obtain IaaS credentials and perform actions using these credentia...
Pivotal Software Pivotal Container Service
9.8
CVSSv3
CVE-2016-9885
An issue exists in Pivotal GemFire for PCF 1.6.x versions before 1.6.5 and 1.7.x versions before 1.7.1. The gfsh (Geode Shell) endpoint, used by operators and application developers to connect to their cluster, is unauthenticated and publicly accessible. Because HTTPS communicati...
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.6.1
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.7.0.0
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.6.0.0
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.6.4.0
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.6.2
Pivotal Software Gemfire For Pivotal Cloud Foundry 1.6.3.0
7.5
CVSSv3
CVE-2023-34054
In Reactor Netty HTTP Server, versions 1.1.x before 1.1.13 and versions 1.0.x before 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable if Reactor Netty HTTP ...
Pivotal Reactor Netty
6.5
CVSSv3
CVE-2022-22969
<Issue Description> Spring Security OAuth versions 2.5.x before 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send...
Pivotal Spring Security Oauth
Oracle Communications Design Studio 7.4.2
8.8
CVSSv3
CVE-2018-1258
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
Pivotal Software Spring Security
Vmware Spring Framework 5.0.5
Oracle Weblogic Server 12.2.1.2
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Weblogic Server 12.1.3.0
Oracle Weblogic Server 10.3.6.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Application Testing Suite 12.5.0.3
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Weblogic Server 12.2.1.3
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Endeca Information Discovery Integrator 3.1.0
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Diameter Signaling Router
Oracle Communications Performance Intelligence Center
5.4
CVSSv3
CVE-2016-2340
The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an X...
Graniteds Granite Data Services 3.1.1-snapshot
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2