
193 matches found

BDU FSTEC
added 2021/02/02 12:0 a.m., 2 views

Vulnerability of the Server component: PAM Auth Plugin of the MySQL Server database management system, which allows attackers to induce a service failure.

The vulnerability of the MySQL Server component’s PAM Auth Plugin is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL protocol...

CVSS 6.8, EPSS 0.00201
Exploits: 0, References: 2, Affected Software: 1

CNNVD
added 2021/01/11 12:0 a.m., 3 views

Abhinavsingh Proxy.py Authorization Issues Vulnerability

Abhinavsingh Proxy.py is a Python-based proxy server for network monitoring, control, and application development, testing, and debugging, written by the individual developer Abhinavsingh. A security vulnerability exists in the AuthPlugin of Abhinavsingh Proxy.py version 2.3.1 and earlier that allows...

CVSS 7.5, AI score 7.1, EPSS 0.00412
Exploits: 1, References: 4

NCSC
added 2020/07/16 12:0 a.m., 3 views

Vulnerabilities fixed in Jenkins

Several vulnerabilities have been fixed in Jenkins. A malicious user could potentially exploit the vulnerabilities to perform a Cross-Site Scripting (XSS) attack. Such an attack can lead to the execution of arbitrary script code in the browser used to visit the application. Jenkins developers hav...

CVSS 8.8, AI score 6.5, EPSS 0.00524
Exploits: 0

NVD
added 2020/07/15 6:15 p.m., 9 views

CVE-2020-2228

Jenkins Gitlab Authentication Plugin 1.5 and earlier does not perform group authorization checks properly, resulting in a privilege escalation vulnerability...

CVSS 8.8, EPSS 0.00145
Exploits: 0, References: 2

OSV
added 2020/02/20 6:15 a.m., 1 views

DEBIAN-CVE-2019-20479

A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning...

CVSS 6.1, AI score 6.5, EPSS 0.00605
Exploits: 0, References: 1

NVD
added 2020/02/08 6:15 p.m., 10 views

CVE-2012-4381

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remo...

CVSS 9.3, AI score 7.9, EPSS 0.03103
Exploits: 0, References: 7

OSV
added 2020/02/08 6:15 p.m., 1 views

DEBIAN-CVE-2012-4381

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remo...

CVSS 8.1, AI score 7.8, EPSS 0.03103
Exploits: 0, References: 1

Prion
added 2020/02/08 6:15 p.m., 9 views

Authentication flaw

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remo...

CVSS 9.3, AI score 7, EPSS 0.03103
Exploits: 0, References: 7, Affected Software: 1

UbuntuCve
added 2020/02/08 6:15 p.m., 23 views

CVE-2012-4381

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remo...

CVSS 9.3, AI score 7.1, EPSS 0.03103
Exploits: 0, References: 2

OSV
added 2020/02/08 6:15 p.m., 2 views

UBUNTU-CVE-2012-4381

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remo...

CVSS 8.1, AI score 7, EPSS 0.03103
Exploits: 0, References: 3

Debian CVE
added 2020/02/08 5:50 p.m., 20 views

CVE-2012-4381

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remo...

CVSS 9.3, AI score 7.5, EPSS 0.03103
Exploits: 0

OpenVAS
added 2020/01/09 12:0 a.m., 35 views

Fedora Update for dovecot FEDORA-2019-5898f4f935

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.3, AI score 5.7, EPSS 0.01665
Exploits: 0, References: 2

CNVD
added 2019/12/10 12:0 a.m., 1 views

nopCommerce Elevation of Privilege Vulnerability

nopCommerce is an open source e-commerce shopping cart software. nopCommerce 4.2.0 suffers from an elevation of privilege vulnerability that can be exploited by an attacker with the help of a specially crafted Facebook Auth plugin...

CVSS 8.8, AI score 7.2, EPSS 0.00374
Exploits: 1, References: 1

Prion
added 2019/12/09 5:15 p.m., 10 views

Privilege escalation

nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to upload a crafted Facebook Auth plugin...

CVSS 6.5, AI score 8.7, EPSS 0.00374
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2019/12/09 4:58 p.m., 9 views

CVE-2019-19684

nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to upload a crafted Facebook Auth plugin...

AI score 8.8, EPSS 0.00374
Exploits: 1, References: 1

Tenable Nessus
added 2019/09/26 12:0 a.m., 35 views

MariaDB 5.5.0 < 5.5.39 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 5.5.39. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.39 advisory. - Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to...

CVSS 6.5, AI score 6.6, EPSS 0.019
Exploits: 0, References: 12

CNVD
added 2019/08/15 12:0 a.m., 2 views

CloudBees Jenkins Gitlab Authentication Plugin Authorization Issues Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from the United States company CloudBees. An authorization issue vulnerability exists in CloudBees Jenkins Gitlab Authentication Plugin, which can be exploited by an unauthorized attacker to impersonate...

CVSS 7.5, AI score 6.8, EPSS 0.00055
Exploits: 0, References: 1

CNVD
added 2019/08/15 12:0 a.m., 4 views

CloudBees Jenkins Gitlab Authentication Plugin Input Validation Error Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from the United States company CloudBees. An input validation error vulnerability exists in the CloudBees Jenkins Gitlab Authentication Plugin, which can be exploited by an attacker to redirect a user to ...

CVSS 6.1, AI score 6.8, EPSS 0.00054
Exploits: 0, References: 1

OSV
added 2019/08/07 3:15 p.m., 14 views

CVE-2019-10372

An open redirect vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows attackers to redirect users to a URL outside Jenkins after successful login...

CVSS 6.1, AI score 6.6
Exploits: 0, References: 2

OSV
added 2019/08/07 3:15 p.m., 11 views

CVE-2019-10371

A session fixation vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows unauthorized attackers to impersonate another user if they can control the pre-authentication session...

CVSS 7.5, AI score 6.7
Exploits: 0, References: 2