Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pivotal application service vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-11270
Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes t...
Pivotal Software Operations Manager
Pivotal Software Application Service
Pivotal Software Cloud Foundry Uaa
6.5
CVSSv3
CVE-2022-22969
<Issue Description> Spring Security OAuth versions 2.5.x before 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send...
Pivotal Spring Security Oauth
Oracle Communications Design Studio 7.4.2
6.5
CVSSv3
CVE-2018-11044
Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x before 2.2.1 and 2.1.x before 2.1.8 and 2.0.x before 2.0.17 and 1.12.x before 1.12.26, does not escape all user-provided content when sending invitation emails. A malicious authenticated user can inject ...
Pivotal Software Pivotal Application Service
6.5
CVSSv3
CVE-2018-1278
Apps Manager included in Pivotal Application Service, versions 1.12.x before 1.12.22, 2.0.x before 2.0.13, and 2.1.x before 2.1.4 contains an authorization enforcement vulnerability. A member of any org is able to create invitations to any org for which the org GUID can be discov...
Pivotal Software Pivotal Application Service
6.5
CVSSv3
CVE-2018-1200
Apps Manager for PCF (Pivotal Application Service 1.11.x prior to 1.11.26, 1.12.x prior to 1.12.14, and 2.0.x prior to 2.0.5) allows unprivileged remote file read in its container via specially-crafted links.
Pivotal Software Pivotal Application Service
5.4
CVSSv3
CVE-2019-11276
Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x before 2.3.16, 2.4.x before 2.4.12, 2.5.x before 2.5.8, and 2.6.x before 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. An adjac...
Pivotal Software Application Service
5.4
CVSSv3
CVE-2016-2340
The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an X...
Graniteds Granite Data Services 3.1.1-snapshot
4.3
CVSSv3
CVE-2019-11275
Pivotal Application Manager, versions 666.0.x before 666.0.36, versions 667.0.x before 667.0.22, versions 668.0.x before 668.0.21, versions 669.0.x before 669.0.13, and versions 670.0.x before 670.0.7, contain a vulnerability where a remote authenticated user can create an app wi...
Pivotal Apps Manager
Pivotal Software Pivotal Application Service
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2