401 matches found
CVE-2019-10691
The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username...
CVE-2019-10691
CVE-2019-10691 affects Dovecot, where the JSON encoder in versions prior to 2.3.5.2 can be triggered by an invalid UTF-8 sequence as the username, causing repeated crashes of the authentication service. Connected docs corroborate this with references to Dovecot versions and the vulnerability desc...
CentOS 7 : mod_auth_mellon (CESA-2019:0766)
An update for mod_auth_mellon is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
PT-2019-2582 · Dovecot +3
Name of the Vulnerable Software and Affected Versions: Dovecot versions prior to 2.3.5.2 Description: The issue is related to the JSON encoder in the authentication service, which can be exploited by attempting to authenticate with an invalid UTF-8 sequence as the username. This can cause the...
ABB Authentication Service Detection (Windows SMB Login)
Detects the installed version of ABB Authentication Service for Windows. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
A protocol error occurred while communicating with the authentication service
Adding a Store to Receiver for Windows fails with the error message mentioned below:...
StoreFront Loopback Feature analysis when configuring Base URL for load balance
In previous versions of StoreFront such as 2.6 or older, Citrix recommended that you manually modify the hosts file on each StoreFront server to map the fully qualified domain name (FQDN) of the load balancer to the loopback address or the IP address of the specific StoreFront server. This ensures...
[SECURITY] Fedora 29 Update: php-pear-CAS-1.3.6-1.fc29
This package is a PEAR library for using a Central Authentication Service. Autoloader '%pearphpdir/CAS/Autoload.php';...
[SECURITY] Fedora 27 Update: php-pear-CAS-1.3.6-1.fc27
This package is a PEAR library for using a Central Authentication Service. Autoloader '%pearphpdir/CAS/Autoload.php';...
[SECURITY] Fedora 28 Update: php-pear-CAS-1.3.6-1.fc28
This package is a PEAR library for using a Central Authentication Service. Autoloader '%pearphpdir/CAS/Autoload.php';...
Cross-Site Request Forgery (CSRF) in Auth0
CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...
UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid a stack-based buffer overflow
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid a stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0...
CVE-2018-1223
Cloud Foundry Container Runtime kubo-release, versions prior to 0.14.0, may leak UAA and vCenter credentials to application logs. A malicious user with the ability to read the application logs could use these credentials to escalate privileges...
Cloud Foundry UAA Design Vulnerability
Cloud Foundry UAA is an authentication and managed service endpoint for the Cloud Foundry cloud platform from the Cloud Foundry Foundation. A security vulnerability exists in Cloud Foundry UAA. A detailed description of the vulnerability is not available at this time...
Cloud Foundry UAA and uaa-release open redirection vulnerabilities
Cloud Foundry UAA and uaa-release are both different versions of the U.S. Cloud Foundry Foundation's authentication and management service endpoints applied to the Cloud Foundry Cloud Platform. A security vulnerability exists in Cloud Foundry UAA and uaa-release that stems from the program's...
Oracle Java SE Unauthorized Access Vulnerability
Oracle Java SE, Java SE Embedded, and JRockit are products of Oracle Corporation. Java SE (Java Platform, Standard Edition) is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments; Java SE Embedded is a powerful, reliable, and portable...
CVE-2018-13257
The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page...