Lucene search
K

138 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-3208

Malware in sbrugna...

5CVSS6.4AI score0.01265EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-1121

Malware in sbrugna...

4.3CVSS6.1AI score0.02508EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 a.m.15 views

CVE-2013-0931

EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a screensaved session by entering a PIN after timeout expiration...

5.4CVSS6.9AI score0.00548EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 a.m.21 views

CVE-2013-0942

Cross-site scripting XSS vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.0237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:31 a.m.9 views

CVE-2013-3280

EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash...

7.5CVSS7AI score0.0228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:31 a.m.9 views

CVE-2013-3271

EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the maximum number of login attempts within the PAM-enabled application codebase, instead of within the Agent codebase, which makes it easier for remote attackers to discover correct login credentials via a brute-force attack...

5CVSS7AI score0.01265EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/10/03 9:15 p.m.5 views

CVE-2023-40519

A cross-site scripting XSS vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575ee9195b0, 01.01.01.30097902fd999e76, and 00.12.01.95655881254b459 allows remote attackers to inject arbitrary web script or HTML v...

6.1CVSS6.4AI score0.00368EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/06 12:0 a.m.6 views

Cisco Duo 安全漏洞

Cisco Duo is a fully managed solution from Cisco, Inc. providing secure access to your applications and data. A security vulnerability exists in Cisco Duo that stems from a flaw in the logging component of the authentication agent that could allow an authenticated, remote attacker to view sensiti...

6.5CVSS6.5AI score0.00476EPSS
Exploits0References3
Fedora
Fedora
added 2023/02/25 3:48 a.m.16 views

[SECURITY] Fedora 37 Update: polkit-kde-5.27.1-1.fc37

Provides Policy Kit Authentication Agent that nicely fits to KDE...

2.4AI score
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:48 p.m.35 views

K56231955: RSA Authentication Agent vulnerabilities CVE-2018-1232, CVE-2018-1233, and CVE-2018-1234

Security Advisory Description CVE-2018-1232 RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit...

7.5CVSS6.5AI score0.0282EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 5:19 a.m.5 views

SUSE CVE-2015-3218

The authenticationagentnew function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit aka polkit before 0.113 allows local users to cause a denial of service NULL pointer dereference and polkitd daemon crash by calling RegisterAuthenticationAgent with an invalid object path...

2.1CVSS5.9AI score0.00415EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.2 views

SUSE CVE-2015-4625

Integer overflow in the authenticationagentnewcookie function in PolicyKit aka polkit before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value...

4.6CVSS6.5AI score0.00405EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:17 a.m.3 views

SUSE CVE-2019-3827

An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running unde...

6.7CVSS7.4AI score0.00368EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2022/04/30 5:53 a.m.277 views

Exploit for Incorrect Authorization in Polkit_Project Polkit

PolicyKit CVE-2021-3560 Exploitation Authentication Agent ====...

7.8CVSS8.4AI score0.22193EPSS
Exploits37
GithubExploit
GithubExploit
added 2022/04/29 6:57 p.m.406 views

Exploit for Incorrect Authorization in Polkit_Project Polkit

PolicyKit CVE-2021-3560 Exploit Authentication Agent ====...

7.8CVSS8.6AI score0.22193EPSS
Exploits37
OSV
OSV
added 2022/03/13 12:15 a.m.8 views

CVE-2021-36368

An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authenticatio...

3.7CVSS4.2AI score0.01677EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.10 views

Fedora: Security Advisory for polkit-kde (FEDORA-2021-85c9774673)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.6AI score0.01563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/12/02 12:0 a.m.40 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : gvfs Vulnerability (NS-SA-2019-0224)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gvfs packages installed that are affected by a vulnerability: - An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users...

7CVSS7.1AI score0.00368EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2019/08/13 12:0 a.m.28 views

gvfs security and bug fix update

1.36.2-3 - Force NT1 protocol version for workgroup support 1619719 1.36.2-2 - Prevent spawning new daemons if outgoing operation exists 1632960 - CVE-2019-3827: Prevent access if any authentication agent isnt available 1673887...

7CVSS3.2AI score0.00368EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2019/08/06 12:30 p.m.4 views

gvfs: Incorrect authorization in admin backend allows privileged users to read and modify arbitrary files without prompting for password

An incorrect permission check in the admin backend in gvfs was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running under privileges of users...

7CVSS5.8AI score0.00368EPSS
Exploits0References4
Rows per page
Query Builder