-
Vulnerable Library - spring-boot-starter-actuator-2.7.1.jar
Path to dependency file: /pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot-actua…
-
Hello, I've been using OpenCVE 1.5 and it's a great application. Thank you for developing this.
The official documentation says,
The first release of this OpenCVE v2 branch is planned for Feb/Ma…
nmomi updated
1 month ago
-
## Suggestion/Concern
The httpOnly option for cookies is currently set to false, allowing them to be accessed via JavaScript. This poses a security risk as it makes the cookies vulnerable to cross-…
-
## Component Details
- **Exploit Maturity**: no-known-exploit
- **Vulnerable Package**: -
- **Current Version**: -
- **Vulnerable Version(s)**: >[,3.0.12)
- **Vulnerable Path**: >null
## Overview
[…
-
## CVE-2023-5678 - Medium Severity Vulnerability
Vulnerable Libraries - OpenSSLOpenSSL_1_1_1g, OpenSSLOpenSSL_1_1_1g, OpenSSLOpenSSL_1_1_1g, OpenSSLOpenSSL_1_1_1g
Vulnerability Details
I…
-
**Category:** Cross-Site Scripting
**Sub Category:** Reflected
**Instance Id:** 0025906180B8740063BC5AADC2EEDEFB
**Accuracy:** 5.0
**Impact:** 5.0
**RemediationEffort:** 1.0
**Probability:…
-
Currently, dataspecer has:
```
11 vulnerabilities (2 low, 2 moderate, 7 high)
```
The vulnerable packages need to be updated.
-
Hello maintainer(s),
I am a security researcher from the Institute of Application Security at TU Braunschweig, Germany. We discovered a (potential) security vulnerability in your project.
We wo…
-
Vulnerable Library - esapi-2.1.0.1.jar
The Enterprise Security API (ESAPI) project is an OWASP project
to create simple strong security controls for every web platform.
Security cont…
-
The Crypto API currently only supports importing a key where the caller specifies the key type. The required format for the key is typically just the key value itself.
There are numerous applicatio…