Filter
AND
-Infinity
0
Trending
Oracle WebLogic ServerCross-site Scripting in org.owasp.esapi:esapi -- antisamy-esapi.xml configuration file
6.1
First published (updated )
OWASP Enterprise Security APIIt was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle at…
5.9
First published (updated )
OWASP Enterprise Security APIThe authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterpr…
5.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/corazawaf/coraza/v3OWASP Coraza WAF has parser confusion which leads to wrong URI in `REQUEST_FILENAME`
5.4
EPSS
0.04%
First published (updated )
OWASP Dependency-Track@dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability Details
5.4
First published (updated )
OWASP Dependency-CheckDependencyCheck Debug Mode Logging of NVD API Key
5.3
EPSS
0.05%
First published (updated )
Dependency-TrackDependency-Track vulnerable to logging of API keys in clear text when handling API requests using keys with insufficient permissions
4.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
OWASP Zed Attack ProxyOWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify the TLS certificate chain of an HTT…
4.3
First published (updated )