53 matches found
CVE-2022-45546
Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application allows internal attacker to obtain credentials for authentication via network sniffing...
CVE-2022-45546
CVE-2022-45546 affects ScreenCheck BadgeMaker 2.6.2.0. The information disclosure occurs in the Authentication component, enabling an internal attacker to obtain authentication credentials via network sniffing. Public sources in the connected documents consistently describe credential exposure th...
PT-2022-27689 · Unknown · Opendaylight
Name of the Vulnerable Software and Affected Versions: OpenDaylight versions prior to 0.16.5 Description: A SQL injection issue was discovered in the AAA component of OpenDaylight. The deleteDomain function in DomainStore.java is affected, specifically for the "/auth/v1/domains/" API interface...
Oracle Linux 9 : dovecot (ELSA-2022-8208)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8208 advisory. 1:2.3.16-7.0.1 - do not run systemd commands during leapp upgrade Orabug: 34680501 1:2.3.16-7 - fix possible privilege escalation when similar master and...
AlmaLinux 9 : dovecot (ALSA-2022:8208)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:8208 advisory. - An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args...
ALPINE-CVE-2022-30550
An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead...
CVE-2022-30550
An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead...
Design/Logic Flaw
An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver 1.4.14 through 1.4.21.1001 and 1.4.22 through 1.4.x before 1.4.52 may allow a local user to execute arbitrary code...
CVE-2022-20778 Cisco Webex Meetings Cross-Site Scripting Vulnerability
A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the...
SUSE-SU-2022:0860-1 Security update for openssl-1_1
This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2022-0778: Infinite loop in BN_mod_sqrt reachable when parsing certificates (bsc#1196877). Non-security issues fixed: - Fix PAC pointer authentication in ARM (bsc#1195856). - Pull libopenssl-1_1 when updating openssl-1_1 wit...
Oracle E-Business Suite Sales Offline Denial of Service (CVE-2021-2189)
An infinite loop vulnerability exists in the Sales Offline component of Oracle E-Business Suite. The vulnerability is due to improper handling of requests by the authentication component of Sales Offline...
CVE-2020-11650
An issue was discovered in iXsystems FreeNAS and TrueNAS 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent...
The vulnerability of the component for integrating various authentication methods in the Astra Linux operating system allows a hacker to circumvent security policies set by the system, due to configuration errors in the password policies for user domain accounts.
The vulnerability of the component for integrating various authentication methods in the Astra Linux operating system is related to configuration errors in password policies, which result in the lack of checks to ensure that the specified restrictions on user domain account passwords are met...
The vulnerability of the component for integrating various authentication methods in the Astra Linux operating system arises from the use of weak cryptographic hash functions for storing Unix passwords. This allows a hacker to gain unauthorized access to the system.
The vulnerability of the component for integrating various authentication methods in the Astra Linux operating system is related to the use of weak cryptographic hash functions for storing Unix passwords. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the...
KLA11734 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use after free...
The vulnerability of the 802.1X component of the Mac OS X operating system allows an intruder to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the 802.1X component in the Mac OS X operating system is related to errors in the implementation of the TLS 1.0 protocol. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and availability of the protected information...
USN-3286-1 kde4libs vulnerability
Sebastian Krahmer discovered that the KDE-Libs Kauth component incorrectly checked services invoking D-Bus. A local attacker could use this issue to gain root privileges...