Flaws of type CWE-1259

15 results
CVE-2024-36111 | MEDIUM | KubePi's JWT token validation has a defect | EPSS 8.4%
CVE-2022-23541 | MEDIUM | jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC | EPSS 0.8%
CVE-2022-23551 | MEDIUM | AAD Pod Identity obtaining token with backslash | EPSS 0.7%
CVE-2024-36533 | CRITICAL | Insecure permissions in volcano v1.8.2 allows attackers to access sensitive data and escalate privileges by obtaining the service account's | EPSS 0.5%
CVE-2026-25700 | HIGH | Apache Answer: AdminToken not invalidated after admin deactivation | EPSS 0.4%
CVE-2025-50579 | MEDIUM | A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to | EPSS 0.4%
CVE-2025-51306 | MEDIUM | In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without ex | EPSS 0.3%
CVE-2026-40264 | LOW | OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation | EPSS 0.3%
CVE-2025-56676 | MEDIUM | TitanSystems Zender v3.9.7 contains an account takeover vulnerability in its password reset functionality. A temporary password or reset tok | EPSS 0.3%
CVE-2024-4598 | MEDIUM | Information Disclosure in Multiple WSO2 Products Due to Improper Handling in Enrich Mediator | EPSS 0.3%
CVE-2025-56207 | MEDIUM | A security flaw in the '_transfer' function of a smart contract implementation for Money Making Opportunity (MMO), an Ethereum ERC721 Non-Fu | EPSS 0.3%
CVE-2025-27955 | MEDIUM | Clinical Collaboration Platform 12.2.1.5 has a weak logout system where the session token remains valid after logout and allows a remote att | EPSS 0.3%
CVE-2024-41948 | LOW | biscuit-java vulnerable to public key confusion in third party block | EPSS 0.3%
CVE-2024-29371 | HIGH | In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token wi | EPSS 0.2%
CVE-2024-45448 | MEDIUM | Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may a | EPSS 0.1%