Lucene search
K

79 matches found

UbuntuCve
UbuntuCve
added 2023/01/27 12:0 a.m.49 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS7.1AI score0.00441EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/01/27 12:0 a.m.6 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

7.9AI score0.00441EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/27 12:0 a.m.7 views

Apache::Session::Browseable 信任管理问题漏洞

Apache::Session::Browseable is an Apache::Session implementation that allows indexes to be defined to speed up searches. A security vulnerability exists in Apache::Session::Browseable versions prior to 1.3.6 that stems from not checking the validity of X.509 certificates...

8.1CVSS7.5AI score0.00422EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/27 12:0 a.m.6 views

Apache::Session::LDAP 信任管理问题漏洞

Apache::Session::LDAP is a tool for storing Apache sessions in LDAP. A security vulnerability exists in Apache::Session::LDAP versions prior to 0.5 that stems from not checking the validity of an X.509 certificate...

8.1CVSS7.5AI score0.00441EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/01/27 12:0 a.m.31 views

CVE-2020-36659

In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...

8.1CVSS7.1AI score0.00422EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/27 12:0 a.m.3 views

PT-2023-11827 · Unknown · Net::Ldaps +1

Name of the Vulnerable Software and Affected Versions: Apache::Session::Browseable versions prior to 1.3.6 Description: The issue concerns the validity check of the X.509 certificate when connecting to remote LDAP backends. By default, the validity of the X.509 certificate is not checked due to t...

8.1CVSS7.8AI score0.00559EPSS
Exploits1References19
CVE
CVE
added 2014/11/16 2:0 a.m.43 views

CVE-2013-3737

The CVE-2013-3737 issue affects the MobileUI (RT-Extension-MobileUI) for Request Tracker (RT) installations. It concerns MobileUI >=?

5CVSS7.1AI score0.01445EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2013/08/23 4:55 p.m.7 views

CVE-2013-3374

Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...

8.3AI score0.01405EPSS
Exploits0References7
NVD
NVD
added 2013/08/23 4:55 p.m.14 views

CVE-2013-3374

Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...

4.3CVSS6AI score0.01405EPSS
Exploits0References7
OSV
OSV
added 2013/08/23 4:55 p.m.12 views

UBUNTU-CVE-2013-3374

Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...

4.3CVSS7.3AI score0.01405EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2013/08/23 4:55 p.m.24 views

CVE-2013-3374

Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...

4.3CVSS7.2AI score0.01405EPSS
Exploits0References2
Prion
Prion
added 2013/08/23 4:55 p.m.18 views

Design/Logic Flaw

Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...

4.3CVSS6.5AI score0.01405EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2013/08/23 4:0 p.m.28 views

CVE-2013-3374

Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...

4.3CVSS8AI score0.01405EPSS
Exploits0
Cvelist
Cvelist
added 2013/08/23 4:0 p.m.32 views

CVE-2013-3374

Unspecified vulnerability in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information user preferences and caches via unknown vectors, related to a "limited session re-use."...

8.3AI score0.01405EPSS
Exploits0References7
CVE
CVE
added 2013/08/23 4:0 p.m.59 views

CVE-2013-3374

RT (Request Tracker) is affected by an unspecified vulnerability in the Apache::Session::File session store, impacting RT 3.8.x before 3.8.17 and RT 4.0.x before 4.0.13. The issue enables remote attackers to obtain sensitive information (user preferences and caches) via unknown vectors related to...

4.3CVSS8.2AI score0.01405EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/07/22 12:0 a.m.43 views

Request Tracker 3.8.x < 3.8.17 / 4.x < 4.0.13 Multiple Vulnerabilities

According to its self-reported version number, the Best Practical Solutions Request Tracker RT running on the remote web server is version 3.8.x prior to 3.8.17 or version 4.x prior to 4.0.13. It is, therefore, potentially affected by the following vulnerabilities : - A flaw exists that allows a...

6.8CVSS7.8AI score0.02428EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2013/05/24 12:0 a.m.33 views

FreeBSD : RT -- multiple vulnerabilities (3a429192-c36a-11e2-97a9-6805ca0b3d42)

Thomas Sibley reports : We discovered a number of security vulnerabilities which affect both RT 3.8.x and RT 4.0.x. We are releasing RT versions 3.8.17 and 4.0.13 to resolve these vulnerabilities, as well as patches which apply atop all released versions of 3.8 and 4.0. The vulnerabilities...

6.8CVSS7.6AI score0.02428EPSS
Exploits0References12
Debian
Debian
added 2013/05/22 7:11 p.m.29 views

[SECURITY] [DSA 2670-1] request-tracker3.8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2670-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 22, 2013 http://www.debian.org/security/faq -...

6.8CVSS0.2AI score0.02428EPSS
Exploits0
securityvulns
securityvulns
added 2002/02/28 12:0 a.m.35 views

Переполнение буфера в mod_ssl под Apache &#40;buffer overflow&#41;

Переполнение буфера при работе с идентификатором сеанса...

2.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder