Astra Linux - vulnerability in 389-ds-base
A flaw was discovered in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then any password will successfully match during authentication, instead of being inactive. This flaw allows an attacker to successfully authenticate as a user whose password h...
Astra Linux - vulnerability in mariadb-10.3
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected MariaDB installations. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...
Astra Linux - vulnerability in python2.7, pypy
In Python versions 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an HTTP server can perform Regular Expression Denial of Service (ReDoS) attacks against clients due to the use of urllib.request.AbstractBasicAuthHandler, which allows catastrophi...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: A mechToken leak was fixed when the SPNEGO decoding failed after the token allocation. The kernel’s ASN.1 BER decoder calls action callbacks incrementally as it processes the input. When ksmbd_decode_negTokenInit reaches the...
Astra Linux - vulnerability in tomcat9
Exposure of the HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerabilities in Apache Tomcat. This issue affects Apache Tomcat versions: 11.0.0-M1 through 11.0.21, 10.1.0-M1 through 10.1.54, 9.0.2 through 9.0.117, 8.5.24 through 8.5.100, and 7.0.83 through...
Astra Linux - vulnerability in 389-ds-base
A vulnerability was discovered in the 389 Directory Server, which allows expired passwords to access the database, resulting in improper authentication...
Astra Linux - vulnerability in pcs
A flaw was discovered in the Pacemaker configuration tool pcs. The pcs daemon allowed expired accounts, as well as accounts with expired passwords, to log in when using PAM authentication. As a result, unprivileged expired accounts that had been denied access could still log in...
Astra Linux - vulnerability in mariadb-10.3
MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected MariaDB installations. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...
Astra Linux - vulnerability in mongo-c-driver
Some MongoDB drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. These published events may contain security-sensitive data when specific authentication-related commands are executed. Without proper care, an application...
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux-6.1
A flaw was discovered in the handling of SMB2_READ commands within the kernel’s ksmbd module. The issue arises from failing to release memory after its effective lifespan has ended. An attacker can exploit this flaw to create a denial-of-service condition on affected Linux installations...
Astra Linux - vulnerability in openvpn
OpenVPN 2.1 up to v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plugins when more than one of them uses deferred authentication responses. This allows an external user to be granted access with only partially correct credentials...
Astra Linux - vulnerability in php7.3
In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, and 8.2.* before 8.2.7, when using SOAP HTTP Digest Authentication, the random value generator was not checked for failures. Additionally, the range of values used by the random generator was narrower than necessary. In the event of a random...
Astra Linux - vulnerability in opensc
A flaw was discovered in OpenSC packages that could allow for a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length PIN is passed. This issue poses a security risk, especially for OS...
Astra Linux - vulnerability in sssd
A race condition flaw was identified in sssd, where the GPO policy is not consistently applied to authenticated users. This could lead to improper authorization issues, granting or denying access to resources inappropriately...
Astra Linux - vulnerability in tomcat9
DEPRECATED: There is a vulnerability related to authentication bypass in digest authentication in Apache Tomcat. This issue affects Apache Tomcat versions as follows: 11.0.0-M1 through 11.0.21, 10.1.0-M1 through 10.1.54, 9.0.0.M1 through 9.0.117, 8.5.0 through 8.5.100, and versions prior to 7.0.0...
Astra Linux - vulnerability in samba
An out-of-bounds read vulnerability was discovered in Samba due to insufficient length checks in the winbindd_pam_auth_crap.c file. When performing NTLM authentication, the client sends cryptographic challenges back to the server. These responses have varying lengths, and Winbind fails to check the...
Astra Linux - vulnerability in tomcat9
CLIENTCERT authentication does not fail as expected in some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This issue affects Apache Tomcat: versions from 11.0.0-M14 through 11.0.20, from 10.1.22 through 10.1.53, and from 9.0.92 through 9.0.116. Users are recommended to...
Astra Linux - vulnerability in python3.7, python2.7
There is a flaw in the urllib’s AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server to which an HTTP client such as a web browser connects can trigger a Regular Expression Denial of Service (ReDoS) during an authentication request. This occurs when the server sends a...
Astra Linux - vulnerability in wpa
There exists an exploitable denial-of-service vulnerability in hostapd 2.6. An attacker could trigger the AP to send IAPP location updates for stations, even before the required authentication process is completed. This could lead to various denial-of-service scenarios, either by causing CAM table...
CVE-2026-47784
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass...