
196 matches found

Cvelist
added 2019/02/06 4:0 p.m. · 14 views

CVE-2019-1003018

An exposure of sensitive information vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve the...

4.4 AI score · 0.00038 EPSS
Exploits 0 · References 1
Positive Technologies
added 2019/02/06 12:0 a.m. · 7 views

PT-2019-11316 · Jenkins · Jenkins Gitlab Authentication Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins GitHub Authentication Plugin versions 0.29 and earlier Description: An exposure of sensitive information issue exists that allows attackers, who can view a Jenkins administrator's web browser output or control the browser, to retrieve...

4.3 CVSS · 4.3 AI score · 0.00038 EPSS
Exploits 0 · References 6
Imperva Blog
added 2019/01/24 8:21 p.m. · 24 views

Seven Must-Dos to Secure MySQL 8.0

Most database breaches are blamed on insiders such as employees who are either malicious or whose security has been compromised. In fact, most of these breaches are actually caused by poor security configuration and privilege abuse. Every new database version brings security upgrades. Use them...

0.1 AI score
Exploits 0
Imperva Blog
added 2019/01/24 8:21 p.m. · 148 views

Seven Must-Dos to Secure MySQL 8.0

Most database breaches are blamed on insiders such as employees who are either malicious or whose security has been compromised. In fact, most of these breaches are actually caused by poor security configuration and privilege abuse. Every new database version brings security upgrades. Use them...

0.3 AI score
Exploits 0
OSV
added 2018/07/26 1:29 p.m. · 0 views

UBUNTU-CVE-2017-7537

It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates...

7.5 CVSS · 6.8 AI score · 0.00133 EPSS
Exploits 1 · References 5
Debian CVE
added 2018/04/13 3:0 p.m. · 27 views

CVE-2017-0356

A flaw, similar to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an attacker to bypass authentication via repeated parameters...

9.8 CVSS · 7.5 AI score · 0.03271 EPSS
Exploits 1
myhack58
added 2017/09/21 12:0 a.m. · 241 views

Joomla! LDAP injection leads to bypass the login authentication vulnerability bug CVE-2017-14596 - vulnerability warning - the black bar safety net

With more than 8400 million downloads, Joomla! is now the Internet's most popular CMS. It hosts a collection of world all website content and articles 3.3 per cent. The use of code elucidating the object RIPS in the login controller detects a snapped celecoxib no invention of the LDAP injection...

1 AI score · 0.02572 EPSS
Exploits 3
OpenVAS
added 2017/08/04 12:0 a.m. · 28 views

RedHat Update for pki-core RHSA-2017:2335-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS · 7.5 AI score · 0.00133 EPSS
Exploits 1 · References 2
OpenVAS
added 2017/07/10 12:0 a.m. · 19 views

Apache Solr Inter-Node Communication Vulnerability (SOLR-10624) - Windows

Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node i...

7.5 CVSS · 7.7 AI score · 0.00335 EPSS
Exploits 1 · References 1
0day.today
added 2017/07/08 12:0 a.m. · 49 views

Apache Solar 5.5.4 / 6.5.1 Member Spoofing Vulnerability

Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious...

5 CVSS · 7.5 AI score · 0.00335 EPSS
Exploits 1
Prion
added 2017/07/07 7:29 p.m. · 9 views

Authentication flaw

Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious...

5 CVSS · 7.5 AI score · 0.00335 EPSS
Exploits 1 · References 3 · Affected Software 1
Debian CVE
added 2017/07/07 7:0 p.m. · 19 views

CVE-2017-7660

Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious...

7.5 CVSS · 7.5 AI score · 0.00335 EPSS
Exploits 1
Tenable Nessus
added 2014/09/12 12:0 a.m. · 50 views

MySQL 5.6.x < 5.6.20 Multiple Vulnerabilities (October 2014 CPU)

The version of MySQL installed on the remote host is version 5.6.x prior to 5.6.20. It is, therefore, affected by errors in the following components : - CLIENT:MYSQLADMIN - CLIENT:MYSQLDUMP - SERVER:CHARACTER SETS - SERVER:DML - SERVER:MEMORY STORAGE ENGINE - SERVER:MyISAM - SERVER:PRIVILEGES...

7.4 CVSS · 7.5 AI score · 0.89694 EPSS
Exploits 10 · References 16
UbuntuCve
added 2014/07/29 11:10 a.m. · 22 views

CVE-2014-3552

The Shibboleth authentication plugin in auth/shibboleth/index.php in Moodle through 2.3.11, 2.4.x before 2.4.11, and 2.5.x before 2.5.7 does not check whether a session ID is empty, which allows remote authenticated users to hijack sessions via crafted plugin interaction...

6 CVSS · 5.9 AI score · 0.00353 EPSS
Exploits 0 · References 3
CVE
added 2014/07/29 10:0 a.m. · 53 views

CVE-2014-3552

The CVE-2014-3552 entry concerns Moodle’s Shibboleth authentication plugin (auth/shibboleth/index.php). It affects Moodle versions up to 2.3.11, 2.4.x prior to 2.4.11, and 2.5.x prior to 2.5.7, where the plugin fails to check for an empty session ID. This allows remote authenticated users to hija...

6 CVSS · 6.3 AI score · 0.00353 EPSS
Exploits 0 · References 3 · Affected Software 1
OpenVAS
added 2013/01/08 12:0 a.m. · 11 views

Fedora Update for dovecot FEDORA-2012-19752

Check for the Version of dovecot OpenVAS Vulnerability Test Fedora Update for dovecot FEDORA-2012-19752 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.7 AI score
Exploits 0 · References 2