6 matches found
GHSA-293Q-567P-WMWQ Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates
In Spring Security Web, SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user...
org.glassfish.mq:mq-client (>=6.4.0 <=6.9.0), org.glassfish.mq:mq-cluster (>=6.4.0 <=6.9.0) +12 more potentially affected by CVE-2026-22886 via org.glassfish.mq:mqbroker-core (>=6.4.0 <=6.9.0)
org.glassfish.mq:mqbroker-core MAVEN version =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.9.0 Source cves: CVE-2026-22886 Source advisory: SNYK:JAVA-ORGGLASSFISHMQ-15444256...
CVE-2023-27557
IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2.02, 6.3.0.00 through 6.3.1.02, 6.4.0.00 through 6.4.2.01, and 6.5.0.00 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM...
PT-2023-1736 · Fortinet · Fortiauthenticator
Name of the Vulnerable Software and Affected Versions: Fortinet FortiAuthenticator versions 6.4.x and earlier Description: The issue is related to an improper restriction of excessive authentication attempts, allowing a remote unauthenticated attacker to partially exhaust CPU and memory by sendin...
CVE-2021-37732
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant IAP versions: Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.11 and below; Aruba Instant 8.6.x.x: 8.6.0.6 and below; Aruba Instant...
CVE-2021-25145
A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.1...