Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Salesforce Security Vulnerabilities

cve
cve

CVE-2016-1000232

NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been fixed in 2.3.0.

5.3CVSS

5.3AI Score

0.006EPSS

2018-09-05 05:29 PM
50
cve
cve

CVE-2016-15012

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading ...

9.8CVSS

9.8AI Score

0.002EPSS

2023-01-07 01:15 PM
29
cve
cve

CVE-2017-15010

A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU.

7.5CVSS

7.2AI Score

0.013EPSS

2017-10-04 01:29 AM
53
2
cve
cve

CVE-2021-1626

MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021.

9.8CVSS

9.7AI Score

0.006EPSS

2021-03-26 05:15 PM
21
cve
cve

CVE-2021-1627

MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021.

9.8CVSS

9.4AI Score

0.002EPSS

2021-03-26 05:15 PM
156
cve
cve

CVE-2021-1628

MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021.

9.8CVSS

9.4AI Score

0.002EPSS

2021-03-26 05:15 PM
152
cve
cve

CVE-2021-1630

XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers.

7.5CVSS

7.5AI Score

0.002EPSS

2021-08-05 09:15 PM
180
6
cve
cve

CVE-2023-26136

Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.

9.8CVSS

9.2AI Score

0.002EPSS

2023-07-01 05:15 AM
157