Vulmon
pivotal software vulnerabilities and exploits
516
VMScore
CVE-2018-11041
Cloud Foundry UAA, versions later than 4.6.0 and before 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page, all...
Pivotal Software Cloud Foundry Uaa-release
Pivotal Software Cloud Foundry Uaa
516
VMScore
CVE-2015-3190
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an open redirect which allows a malicious user to insert a malicious web page as a redi...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
516
VMScore
CVE-2016-6657
An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime components. Users of affected versions should apply the following mitigation: Upgrade PCF Elastic Runtime 1.8.x versions to 1.8.12 or later. Upgrade PCF Ops Manager 1.7.x versions to ...
Pivotal Software Cloud Foundry Ops Manager 1.8.3
Pivotal Software Cloud Foundry Ops Manager 1.8.4
Pivotal Software Cloud Foundry Ops Manager 1.8.5
Pivotal Software Cloud Foundry Ops Manager 1.8.6
Pivotal Software Cloud Foundry Ops Manager 1.7.10
Pivotal Software Cloud Foundry Ops Manager 1.7.11
Pivotal Software Cloud Foundry Ops Manager 1.7.12
Pivotal Software Cloud Foundry Ops Manager 1.7.2
Pivotal Software Cloud Foundry Ops Manager 1.8.0
Pivotal Software Cloud Foundry Ops Manager 1.7.13
Pivotal Software Cloud Foundry Ops Manager 1.7.14
Pivotal Software Cloud Foundry Ops Manager 1.7.15
Pivotal Software Cloud Foundry Ops Manager 1.7.7
Pivotal Software Cloud Foundry Ops Manager 1.7.8
Pivotal Software Cloud Foundry Ops Manager 1.7.9
Pivotal Software Cloud Foundry Ops Manager 1.8.1
Pivotal Software Cloud Foundry Ops Manager 1.8.8
Pivotal Software Cloud Foundry Ops Manager 1.8.10
Pivotal Software Cloud Foundry Ops Manager 1.7.16
Pivotal Software Cloud Foundry Ops Manager 1.7.18
Pivotal Software Cloud Foundry Ops Manager 1.7.1
Pivotal Software Cloud Foundry Ops Manager 1.7.3
490
VMScore
CVE-2019-3790
The Pivotal Ops Manager, 2.2.x versions before 2.2.23, 2.3.x versions before 2.3.16, 2.4.x versions before 2.4.11, and 2.5.x versions before 2.5.3, contain configuration that circumvents refresh token expiration. A remote authenticated user can gain access to a browser session th...
Pivotal Software Operations Manager
490
VMScore
CVE-2018-15795
Pivotal CredHub Service Broker, versions before 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service.
Pivotal Software Credhub Service Broker
490
VMScore
CVE-2018-15796
Cloud Foundry Bits Service Release, versions before 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the Bits Service storage.
Pivotal Software Bits Service
447
VMScore
CVE-2014-3625
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 up to and including 3.2.x prior to 3.2.12, 4.0.x prior to 4.0.8, and 4.1.x prior to 4.1.2 allows remote malicious users to read arbitrary files via unspecified vectors, related to static resource handling.
Vmware Spring Framework
Pivotal Software Spring Framework
445
VMScore
CVE-2019-11287
Pivotal RabbitMQ, versions 3.7.x before 3.7.21 and 3.8.x before 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions before 1.16.7 and 1.17.x versions before 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HT...
Pivotal Software Rabbitmq
Vmware Rabbitmq
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
Debian Debian Linux 9.0
445
VMScore
CVE-2019-11270
Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes t...
Pivotal Software Operations Manager
Pivotal Software Application Service
Pivotal Software Cloud Foundry Uaa
445
VMScore
CVE-2019-3802
This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a mal...
Pivotal Software Spring Data Java Persistance Api