61 matches found

Veracode
added 2022/10/16 11:29 p.m. · 68 views

Authentication Bypass

erlang is vulnerable to Authentication Bypass. The vulnerability exists in due to improper authentication which allows an attacker to access client certifications via the external database authentication...

CVSS 9.8 · AI score 9 · EPSS 0.01167
Exploits 0 · References 5 · Affected Software 2

Veracode
added 2022/09/30 5:24 a.m. · 29 views

Authentication Bypass

moodle/moodle is vulnerable to authentication bypass. The vulnerability exists in the userlogin function of auth.php due to type juggling, which allows an attacker to access restricted domains via the external database authentication...

CVSS 6.5 · AI score 5.1 · EPSS 0.00825
Exploits 0 · References 6 · Affected Software 1

Veracode
added 2022/09/30 5:23 a.m. · 32 views

Arbitrary File Read

moodle/moodle is vulnerable to information disclosure. The vulnerability exists in the tempdir parameter in latex.php due to a lack of validation in external database authentication which allows an attacker to gain access to the files and read sensitive information...

CVSS 4.9 · AI score 3.1 · EPSS 0.00901
Exploits 0 · References 7 · Affected Software 1

Github Security Blog
added 2022/09/30 12:00 a.m. · 27 views

Moodle type juggling vulnerability

An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...

CVSS 6.5 · AI score 6.9 · EPSS 0.00825
Exploits 0 · References 3 · Affected Software 1

OSV
added 2022/09/30 12:00 a.m. · 24 views

GHSA-2JXG-MV2M-J4R7 Moodle type juggling vulnerability

An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...

CVSS 6.5 · AI score 6.4 · EPSS 0.00825
Exploits 0 · References 3

Prion
added 2022/09/29 3:15 a.m. · 20 views

Authentication flaw

An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...

CVSS 4 · AI score 6.5 · EPSS 0.00825
Exploits 0 · References 1 · Affected Software 1

UbuntuCve
added 2022/09/29 3:15 a.m. · 39 views

CVE-2021-40693

An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...

CVSS 6.5 · AI score 6.9 · EPSS 0.00825
Exploits 0 · References 1

OSV
added 2022/09/29 3:15 a.m. · 3 views

UBUNTU-CVE-2021-40693

An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...

CVSS 6.5 · AI score 6.9 · EPSS 0.00825
Exploits 0 · References 2

RedhatCVE
added 2022/05/20 10:48 p.m. · 23 views

CVE-2021-40693

An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...

AI score 2.8 · EPSS 0.00825
Exploits 0 · References 1

MongoDB
added 2022/05/11 12:00 a.m. · 60 views

MongoDB Server (mongod) may crash in response to unexpected requests

An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...

CVSS 6.5 · AI score 4.2 · EPSS 0.0084
Exploits 2 · References 1 · Affected Software 1

RedhatCVE
added 2022/04/22 4:54 a.m. · 52 views

CVE-2022-24272

A flaw was found in the MongoDB database when requesting unexpected queries due to incorrect validation on the $external database. This flaw allows an attacker to cause a denial of service on the database or a server crash...

CVSS 6.5 · AI score 3.4 · EPSS 0.0084
Exploits 2 · References 4

Prion
added 2022/04/21 11:15 a.m. · 25 views

Input validation

An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...

CVSS 4 · AI score 6.4 · EPSS 0.0084
Exploits 2 · References 1 · Affected Software 1

OSV
added 2022/04/21 11:15 a.m. · 2 views

UBUNTU-CVE-2022-24272

An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...

CVSS 6.5 · AI score 5.8 · EPSS 0.0084
Exploits 2 · References 3

Cvelist
added 2022/04/21 10:45 a.m. · 21 views

CVE-2022-24272 MongoDB Server (mongod) may crash in response to unexpected requests

An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...

CVSS 6.5 · AI score 6.7 · EPSS 0.0084
Exploits 2 · References 1

Positive Technologies
added 2022/04/21 12:00 a.m. · 4 views

PT-2022-16577 · Mongodb · Mongodb Server +1

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to and including v5.0.6 Description: An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of...

CVSS 6.5 · AI score 6.3 · EPSS 0.0084
Exploits 2 · References 11

Cvelist
added 2022/01/21 6:17 p.m. · 28 views

CVE-2021-40693

An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability...

AI score 6.7 · EPSS 0.00825
Exploits 0 · References 1

CVE
added 2022/01/21 6:17 p.m. · 69 views

CVE-2021-40693

CVE-2021-40693 describes an authentication bypass risk in the Moodle external database authentication functionality caused by a type juggling vulnerability. Connected sources reference this CVE across multiple advisories (GitHub GHSA-2JXG-MV2M-J4R7, OSV, and Nessus/NVD context) and reiterate the ...

CVSS 6.5 · AI score 6.3 · EPSS 0.00825
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2021/11/22 12:00 a.m. · 6 views

PT-2022-11302 · Alt Linux · Alt Linux

Name of the Vulnerable Software and Affected Versions: ALT Linux affected versions not specified Description: An authentication bypass risk was identified due to a type juggling vulnerability in the external database authentication functionality. Recommendations: At the moment, there is no...

CVSS 9.8 · AI score 6.2 · EPSS 0.52299
Exploits 18 · References 99

CNNVD
added 2021/09/21 12:00 a.m. · 13 views

Moodle authorization issue vulnerability

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. Moodle suffers from an authorization issue vulnerability that stems from a type juggling issue in the external database authentication...

CVSS 6.5 · AI score 7.1 · EPSS 0.00825
Exploits 0 · References 4

OSV
added 2021/07/08 11:15 a.m. · 4 views

CVE-2021-31817

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext...

CVSS 7.5 · AI score 5.8 · EPSS 0.00858
Exploits 0 · References 1