Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

333 matches found

Debian CVE
Debian CVEadded 2021/03/15 4:51 a.m.26 views

CVE-2021-28374

The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...

7.5CVSS7.4AI score0.00286EPSS
Exploits0
CVE
CVEadded 2021/03/15 4:51 a.m.235 views

CVE-2021-28374

The CVE-2021-28374 issue affects the Debian courier-authlib package prior to 0.71.1-2 for Courier Authentication Library, which creates /run/courier/authdaemon with weak permissions, enabling an attacker to read user information (potentially including a cleartext password hash). The vulnerability...

7.5CVSS7.3AI score0.00286EPSS
Exploits0References2Affected Software1
Fedora
Fedoraadded 2020/12/10 1:27 a.m.24 views

[SECURITY] Fedora 32 Update: python-authlib-0.14.3-1.fc32

Python library for building OAuth and OpenID Connect servers. JWS, JWK, JWA, JWT are included...

7.5CVSS3AI score0.00572EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2020/12/10 12:0 a.m.21 views

Fedora 32 : matrix-synapse / python-authlib / python-canonicaljson / etc (2020-b90dac7fc4)

Update matrix-synapse to 1.23.0 to resolve CVE-2020-26890. There may be breaking changes, please review prior to upgrade : https://github.com/matrix-org/synapse/blob/develop/UPGRADE.rst Note that Tenable Network Security has extracted the preceding description block directly from the Fedora updat...

7.5CVSS7.1AI score0.00572EPSS
Exploits0References3
OpenVAS
OpenVASadded 2020/12/10 12:0 a.m.12 views

Fedora: Security Advisory for python-authlib (FEDORA-2020-b90dac7fc4)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.6AI score0.00572EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2013/04/20 12:0 a.m.13 views

Mandriva Linux Security Advisory : courier-authlib (MDVSA-2013:068)

When using the authpgsql module and if the Postgres server goes down, authpgsql will start leaking memory. A packaging flaw was discovered that caused the courier-authlib-devel package to be installed when installing for example maildrop. This update fixes both of these issues. %NASLMINLEVEL 7030...

5.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2009/07/21 12:0 a.m.22 views

openSUSE Security Update : courier-authlib (courier-authlib-370)

Insufficient quoting allowed attackers to inject SQL statements when using the pgsql backend CVE-2008-2380. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update courier-authlib-370. The text...

5.1CVSS5.6AI score0.00605EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2009/07/21 12:0 a.m.21 views

openSUSE Security Update : courier-authlib (courier-authlib-391)

Insufficient quoting allowed attackers to inject SQL statements when using the pgsql backend CVE-2008-2380. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update courier-authlib-391. The text...

5.1CVSS5.6AI score0.00605EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2009/07/21 12:0 a.m.16 views

openSUSE Security Update : courier-authlib (courier-authlib-370)

Insufficient quoting allowed attackers to inject SQL statements when using the pgsql backend CVE-2008-2380. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update courier-authlib-370. The text...

5.1CVSS5.6AI score0.00605EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2009/07/21 12:0 a.m.19 views

openSUSE Security Update : courier-authlib (courier-authlib-42)

This update of courier-authlib fixes a bug that allowed SQL injections. CVE-2008-2667 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update courier-authlib-42. The text description of this plugin is...

5.1CVSS5.3AI score0.01583EPSS
Exploits0References2
OpenVAS
OpenVASadded 2009/03/13 12:0 a.m.20 views

Gentoo Security Advisory GLSA 200903-25 (courier-authlib)

The remote host is missing updates announced in advisory GLSA 200903-25. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

5.1CVSS6.5AI score0.00605EPSS
Exploits1References2
OpenVAS
OpenVASadded 2008/12/29 12:0 a.m.7 views

Debian: Security Advisory (DSA-1688-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.1CVSS6.6AI score0.01583EPSS
Exploits1References3
OpenVAS
OpenVASadded 2008/12/29 12:0 a.m.21 views

Debian Security Advisory DSA 1688-2 (courier-authlib)

The remote host is missing an update to courier-authlib announced via advisory DSA 1688-2. OpenVAS Vulnerability Test $Id: deb16882.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1688-2 courier-authlib Authors: Thomas Reinke Copyright: Copyright c 2008...

5.1CVSS0.5AI score0.01583EPSS
Exploits1
OpenVAS
OpenVASadded 2008/12/23 12:0 a.m.27 views

Debian Security Advisory DSA 1688-1 (courier-authlib)

The remote host is missing an update to courier-authlib announced via advisory DSA 1688-1. OpenVAS Vulnerability Test $Id: deb16881.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1688-1 courier-authlib Authors: Thomas Reinke Copyright: Copyright c 2008...

5.1CVSS0.4AI score0.01583EPSS
Exploits1
OpenVAS
OpenVASadded 2008/12/23 12:0 a.m.16 views

Debian: Security Advisory (DSA-1688-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.1CVSS6.5AI score0.01583EPSS
Exploits1References2
Debian
Debianadded 2008/12/22 11:18 p.m.20 views

[SECURITY] [DSA 1688-2] New courier-authlib packages fix regression

------------------------------------------------------------------------ Debian Security Advisory DSA-1688-2 [email protected] http://www.debian.org/security/ Steffen Joeris December 22, 2008 http://www.debian.org/security/faq -...

5.1CVSS7.5AI score0.01583EPSS
Exploits1
NVD
NVDadded 2008/12/22 3:30 p.m.9 views

CVE-2008-2380

SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...

5.1CVSS8AI score0.00605EPSS
Exploits1References7
OSV
OSVadded 2008/12/22 3:30 p.m.3 views

CVE-2008-2380

SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...

8.1AI score
Exploits0References7
OSV
OSVadded 2008/12/22 3:30 p.m.1 views

DEBIAN-CVE-2008-2380

SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...

5.1CVSS8.3AI score0.00605EPSS
Exploits1References1
Prion
Prionadded 2008/12/22 3:30 p.m.10 views

Sql injection

SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...

5.1CVSS8.5AI score0.00605EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder