3 matches found
Gitea's /api/v1/user endpoint has different responses for failed authentication depending on whether a username exists
In Gitea before 1.25.2, /api/v1/user has different responses for failed authentication depending on whether a username exists...
CVE-2023-53681
In the Linux kernel, the following vulnerability has been resolved: bcache: Fix bchbtreenodealloc to make the failure behavior consistent In some specific situations, the return value of bchbtreenodealloc may be NULL. This may lead to a potential NULL pointer dereference in caller function like a...
SUSE CVE-2010-1633
RSA verification recovery in the EVPPKEYverifyrecover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive...