Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hitachi ops center common services vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-3967
Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: prior to 10.9.3-00.
Hitachi Ops Center Common Services
9.8
CVSSv3
CVE-2021-42575
The OWASP Java HTML Sanitizer prior to 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.
Owasp Java Html Sanitizer
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Primavera Unifier 21.12
Oracle Middleware Common Libraries And Tools 12.2.1.4.0
Oracle Middleware Common Libraries And Tools 12.2.1.3.0
9.8
CVSSv3
CVE-2022-0839
Improper Restriction of XML External Entity Reference in GitHub repository liquibase/liquibase before 4.8.0.
Liquibase Liquibase
Oracle Sqlcl 19c
8.8
CVSSv3
CVE-2021-4133
A flaw was found in Keycloak in versions from 12.0.0 and prior to 15.1.1 which allows an attacker with any existing user account to create new default user accounts via the administrative REST API even when new user registration is disabled.
Redhat Keycloak
6.5
CVSSv3
CVE-2020-13444
Liferay Portal 7.x prior to 7.3.2, and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 5 does not sanitize the information returned by the DDMDataProvider API, which allows remote authenticated users to obtain the password to REST Data Provider...
Liferay Liferay Portal 7.1
Liferay Liferay Portal 7.1.1
Liferay Liferay Portal 7.2
Liferay Liferay Portal 7.3
8.8
CVSSv3
CVE-2020-13445
In Liferay Portal prior to 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarke...
Liferay Liferay Portal 7.1
Liferay Liferay Portal 7.1.1
Liferay Liferay Portal 7.2
Liferay Liferay Portal 7.3
1 Github repository
6.8
CVSSv3
CVE-2021-20262
A flaw was found in Keycloak 12.0.0 where re-authentication does not occur while updating the password. This flaw allows an malicious user to take over an account if they can obtain temporary, physical access to a user’s browser. The highest threat from this vulnerability i...
Redhat Keycloak 12.0.0
Redhat Single Sign-on 7.0
6.5
CVSSv3
CVE-2020-27838
A flaw was found in keycloak in versions before 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest threa...
Redhat Keycloak
Redhat Single Sign-on 7.0
2 Github repositories
6.5
CVSSv3
CVE-2022-1466
Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though no respective permission was granted.
Redhat Keycloak
Redhat Single Sign-on 7.5.0
7.5
CVSSv3
CVE-2021-3637
A flaw was found in keycloak-model-infinispan in keycloak versions prior to 14.0.0 where authenticationSessions map in RootAuthenticationSessionEntity grows boundlessly which could lead to a DoS attack.
Redhat Keycloak
Redhat Single Sign-on 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »