1245 matches found
CVE-2021-21335
In the SPNEGO HTTP Authentication Module for nginx spnego-http-auth-nginx-module before version 1.1.1 basic Authentication can be bypassed using a malformed username. This affects users of spnego-http-auth-nginx-module that have enabled basic authentication. This is fixed in version 1.1.1 of...
CVE-2021-21335
In the SPNEGO HTTP Authentication Module for nginx spnego-http-auth-nginx-module before version 1.1.1 basic Authentication can be bypassed using a malformed username. This affects users of spnego-http-auth-nginx-module that have enabled basic authentication. This is fixed in version 1.1.1 of...
Authentication flaw
In the SPNEGO HTTP Authentication Module for nginx spnego-http-auth-nginx-module before version 1.1.1 basic Authentication can be bypassed using a malformed username. This affects users of spnego-http-auth-nginx-module that have enabled basic authentication. This is fixed in version 1.1.1 of...
CVE-2021-21335 Basic Authentication can be bypassed using a malformed username
In the SPNEGO HTTP Authentication Module for nginx spnego-http-auth-nginx-module before version 1.1.1 basic Authentication can be bypassed using a malformed username. This affects users of spnego-http-auth-nginx-module that have enabled basic authentication. This is fixed in version 1.1.1 of...
CVE-2021-23972
One phishing tactic on the web is to provide a link with HTTP Auth. For example 'https://[email protected]'. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached...
Backdoor.Win32.Agent.aak Hardcoded Credentials
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Weak Hardcoded Credentials Description: The HTTP backdoor...
Fedora 32 : monitorix (2021-fc24737ebc)
The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-fc24737ebc advisory. - Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation i.e., an installation without a hostsdeny option. This...
Fedora 33 : monitorix (2021-5f7da70bfe)
The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-5f7da70bfe advisory. - Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation i.e., an installation without a hostsdeny option. This...
CVE-2020-14246
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials...
CVE-2020-14246
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials...
HCL OneTest 安全漏洞
HCL OneTest is a software testing tool from HCL India that provides multiple testing options. The software supports API testing, functional testing, UI testing, performance testing and service virtualization to support software automation testing. A security vulnerability exists in HCL OneTest...
CVE-2021-3325
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation i.e., an installation without a hostsdeny option. This issue occurred because a new access-control feature was introduced without considering that some exiting installations became unsafe, upon an...
CVE-2021-3325
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation i.e., an installation without a hostsdeny option. This issue occurred because a new access-control feature was introduced without considering that some exiting installations became unsafe, upon an...
CVE-2021-3325
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation i.e., an installation without a hostsdeny option. This issue occurred because a new access-control feature was introduced without considering that some exiting installations became unsafe, upon an...
Design/Logic Flaw
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation i.e., an installation without a hostsdeny option. This issue occurred because a new access-control feature was introduced without considering that some exiting installations became unsafe, upon an...
CVE-2021-3325
Monitorix 3.13.0 is vulnerable to bypassing Basic Authentication in default installations lacking hosts_deny configuration due to a newly introduced access-control feature not accounting for existing setups. This is evidenced across multiple sources (NVD/NV OSV/ Fedora advisories) and is addresse...
CVE-2021-3325
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation i.e., an installation without a hostsdeny option. This issue occurred because a new access-control feature was introduced without considering that some exiting installations became unsafe, upon an...
Monitorix Security Vulnerabilities
Monitorix is a set of free tools for monitoring system status. The tool supports customization of monitoring settings and can analyze CPU and memory usage, disk access usage, network usage, and more. A security vulnerability exists in Monitorix 3.13.0, which allows remote attackers to bypass basi...
Command injection
Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection issue 1 of 4. The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection issue that will result i...
CVE-2020-17500
Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection issue 1 of 4. The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection issue that will result i...