EUVD-2022-0821

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-26892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled. CVE-2020-26892 Note that Nessus...

CVE-2025-2291

Password can be used past expiry in PgBouncer due to authquery not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password...

Caddy-SSH vulnerable to Authorization Bypass due to incorrect usage of PAM library

Not invoking a call to pamacctmgmt after a call to pamauthenticate to check the validity of a login can lead to an authorization bypass. Impact Exploitability The attack can be carried over the network. A complex non-standard configuration or a specialized condition is required for the attack to ...

PT-2022-28248 · Go · Github.Com/Mohammed90/Caddy-Ssh

Name of the Vulnerable Software and Affected Versions: No specific software or version is mentioned, however, the issue is related to PAM Pluggable Authentication Modules and its implementation in a certain project, implying that the affected software is a PAM-based authentication system, but the...

Cockpit Access Control Error Vulnerability

Cockpit is an interactive server management interface. An access control error vulnerability exists in Cockpit versions prior to 2.2.0 that stems from insufficient session expiration. An attacker could exploit the vulnerability to take control of an account using expired session credentials...

CVE-2022-26562

An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core = 6.30 introduced between 6.30.0 RC1e and 6.30.8 final...

CVE-2022-26562

An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core = 6.30 introduced between 6.30.0 RC1e and 6.30.8 final...

UBUNTU-CVE-2022-26562

An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core = 6.30 introduced between 6.30.0 RC1e and 6.30.8 final...

PT-2022-17932 · Zarafa +3 · Zarafa Collaboration Platform +3

Name of the Vulnerable Software and Affected Versions: Kopano Core versions 11.0.2.51 and earlier Zarafa Collaboration Platform versions 6.30 through 6.30.8 Description: The issue allows attackers to authenticate even if the user account or password is expired. This is due to a problem in the...

Insecure Session Management

github.com/nats-io/nats-server uses an insecure session management. Expired credentials are not properly handled,...

Incorrect handling of credential expiry by /nats-io/nats-server

This advisory is canonically https://advisories.nats.io/CVE/CVE-2020-26892.txt Problem Description NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled. The NATS accounts system has expiration timestamps on credentials; the library had an...

CVE-2020-26892

The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...

CVE-2020-26892

The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...

DEBIAN-CVE-2020-26892

The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...

Code injection

The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...

CVE-2020-26892

The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...

UBUNTU-CVE-2020-26892

The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...

CVE-2020-26892

The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled...

Change of Expired LDAP Password on NetScaler During Log On Fails Intermittently

Changing the expired LDAP password at the time of user login via NetScaler Gateway due to password-expiry may fail and demonstrate itself on the login page as: "Incorrect credentials. Try again." or "Cannot connect. Try connecting again." ifEnhanced Authentication Feedback is enabled: At the time...