128 matches found
CLSA-2026-1779267466 shadow-utils: Fix of CVE-2023-4641
CVE-2023-4641: fix password leak in gpasswd...
MiracleLinux 8 : shadow-utils-4.6-19.el8 (AXSA:2023-7078:04)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7078:04 advisory. shadow-utils: possible password leak during passwd1 change CVE-2023-4641 Tenable has extracted the preceding description block directly from the MiracleLinux...
ECHO-5573-8A38-4641
Bulletin has no description...
Siemens Ruggedcom ROX Incorrect Implementation of Authentication Algorithm (CVE-2023-4641)
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from...
RHSA-2024:4641
creationtimestamp| type| source ---|---|--- 2025-10-01 09:00:27+00:00| seen| Telegram/-h2tA7k5LBgvws531-LzQjYT1zC4XZfun-87EvnaObsJ2E...
NewStart CGSL MAIN 7.02 : shadow Vulnerability (NS-SA-2025-0198)
The remote NewStart CGSL host, running version MAIN 7.02, has shadow packages installed that are affected by a vulnerability: - A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails i...
TencentOS Server 4: shadow-utils (TSSA-2025:0065)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0065 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: shadow-utils (TSSA-2023:0297)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0297 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2022-4641
A vulnerability was found in pig-vector and classified as problematic. Affected by this issue is the function LogisticRegression of the file src/main/java/org/apache/mahout/pig/LogisticRegression.java. The manipulation leads to insecure temporary file. The attack needs to be approached locally. T...
ai.dev-tools:ai-devtools (>=0.1.12 <=0.1.20), ai.dev-tools:ai-devtools-selenium (>=0.1.2 <=0.1.11) +599 more potentially affected by CVE-2025-4641 via io.github.bonigarcia:webdrivermanager (>=1.0.0 <=6.0.1)
io.github.bonigarcia:webdrivermanager MAVEN version =1.0.0, =0.1.12, =0.1.2, =0.1.1, =0.0.3, =0.2.6, =0.2.48 and more Source cves: CVE-2025-4641 Source advisory: OSV:GHSA-PWM3-776C-8Q7Q...
CVE-2025-4641
Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...
com.nordstrom.ui-tools:selenium-foundation (>=28.5.1-s3 <=29.8.0-s3), com.sdl.lt:Testy (>=20.08.466.0_eb932e0 <=20.08.487.0_526db13) +7 more potentially affected by CVE-2025-4641 via io.github.bonigarcia:webdrivermanager (>=6.0.0 <=6.0.1)
io.github.bonigarcia:webdrivermanager MAVEN version =6.0.0, =28.5.1-s3, =20.08.466.0eb932e0, =1.0.0-Alpha1, =0.8.1.2, =1.1.6, =0.2.16.16appium, =0.2.23appium Source cves: CVE-2025-4641 Source advisory: SNYK:JAVA-IOGITHUBBONIGARCIA-10380065...
CVE-2025-4641 XML External Entity (XXE) injection vulnerability in WebDriverManager
Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...
CVE-2025-4641 XML External Entity (XXE) injection vulnerability in WebDriverManager
Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...
CVE-2025-4641
CVE-2025-4641 affects bonigarcia WebDriverManager (WebDriverManager.java) and is caused by improper restriction of XML External Entity references in XML parsing components. Affected versions are 1.0.0 through before 6.0.2 (per CVE description); remediation in public advisories ranges from upgradi...
Alibaba Cloud Linux 3 : 0041: shadow-utils (ALINUX3-SA-2024:0041)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0041 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-4641: A flaw was found in shadow-utils. Wh...
CBL Mariner 2.0 Security Update: shadow-utils (CVE-2023-4641)
The version of shadow-utils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4641 advisory. - A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice...
CVE-2023-4641 affecting package shadow-utils for versions less than 4.9-14
CVE-2023-4641 affecting package shadow-utils for versions less than 4.9-14. A patched version of the package is available...
Debian: Security Advisory (DLA-4130-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-4130 : login - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4130 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4130-1 [email protected]...