61 matches found
Authentication Bypass
erlang is vulnerable to Authentication Bypass. The vulnerability exists in due to improper authentication which allows an attacker to access client certifications via the external database authentication...
Authentication Bypass
moodle/moodle is vulnerable to authentication bypass. The vulnerability exists in the userlogin function of auth.php due to type juggling, which allows an attacker to access restricted domains via the external database authentication...
Arbitrary File Read
moodle/moodle is vulnerable to information disclosure. The vulnerability exists in the tempdir parameter in latex.php due to a lack of validation in external database authentication, which allows an attacker to gain access to the files and read sensitive information...
Moodle type juggling vulnerability
An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...
GHSA-2JXG-MV2M-J4R7 Moodle type juggling vulnerability
An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...
Authentication flaw
An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...
CVE-2021-40693
An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...
UBUNTU-CVE-2021-40693
An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...
CVE-2021-40693
An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...
MongoDB Server (mongod) may crash in response to unexpected requests
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...
CVE-2022-24272
A flaw was found in the MongoDB database when requesting unexpected queries due to incorrect validation on the $external database. This flaw allows an attacker to cause a denial of service on the database or a server crash...
Input validation
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...
UBUNTU-CVE-2022-24272
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...
CVE-2022-24272 MongoDB Server (mongod) may crash in response to unexpected requests
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...
PT-2022-16577 · Mongodb · Mongodb Server +1
Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to and including v5.0.6. Description: An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of...
CVE-2021-40693
An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...
CVE-2021-40693
CVE-2021-40693 describes an authentication bypass risk in the Moodle external database authentication functionality caused by a type juggling vulnerability. Connected sources reference this CVE across multiple advisories (GitHub GHSA-2JXG-MV2M-J4R7, OSV, and Nessus/NVD context) and reiterate the ...
PT-2022-11302 · Alt Linux · Alt Linux
Name of the Vulnerable Software and Affected Versions: ALT Linux affected versions not specified. Description: An authentication bypass risk was identified due to a type juggling vulnerability in the external database authentication functionality. Recommendations: At the moment, there is no...
Moodle authorization issue vulnerability
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. Moodle suffers from an authorization issue vulnerability that stems from a type juggling issue in the external database authentication...
CVE-2021-31817
When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext...