Total
83 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12161 | 1 Keycloak | 1 Keycloak | 2024-11-21 | 4.3 MEDIUM | 8.8 HIGH |
| It was found that keycloak before 3.4.2 final would permit misuse of a client-side /etc/hosts entry to spoof a URL in a password reset request. An attacker could use this flaw to craft a malicious password reset request and gain a valid reset token, leading to information disclosure or further attacks. | |||||
| CVE-2024-43188 | 1 Ibm | 1 Business Automation Workflow | 2024-09-29 | N/A | 4.9 MEDIUM |
| IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged user to perform unauthorized activities due to improper client side validation. | |||||
| CVE-2024-42340 | 1 Cyberark | 1 Identity | 2024-08-30 | N/A | 8.3 HIGH |
| CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security | |||||