Lucene search
K

159 matches found

NVD
NVD
added 2021/07/26 5:15 p.m.23 views

CVE-2021-32791

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In modauthopenidc before version 2.4.9, the AES GCM encryption in modauthopenidc uses a static IV and...

5.9CVSS0.01503EPSS
Exploits0References7
OSV
OSV
added 2021/07/26 5:15 p.m.28 views

CVE-2021-32792

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In modauthopenidc before version 2.4.9, there is an XSS vulnerability in when using OIDCPreservePost ...

6.1CVSS5.9AI score
Exploits0References8
OSV
OSV
added 2021/07/26 5:15 p.m.34 views

CVE-2021-32791

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In modauthopenidc before version 2.4.9, the AES GCM encryption in modauthopenidc uses a static IV and...

5.9CVSS6.6AI score
Exploits0References7
Debian CVE
Debian CVE
added 2021/07/26 12:0 a.m.32 views

CVE-2021-32792

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In modauthopenidc before version 2.4.9, there is an XSS vulnerability in when using OIDCPreservePost ...

6.1CVSS6.4AI score0.01523EPSS
Exploits0
Debian CVE
Debian CVE
added 2021/07/26 12:0 a.m.45 views

CVE-2021-32791

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In modauthopenidc before version 2.4.9, the AES GCM encryption in modauthopenidc uses a static IV and...

5.9CVSS6.1AI score0.01503EPSS
Exploits0
NVD
NVD
added 2021/07/22 10:15 p.m.24 views

CVE-2021-32785

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When modauthopenidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...

7.5CVSS0.02731EPSS
Exploits0References6
NVD
NVD
added 2021/07/22 10:15 p.m.23 views

CVE-2021-32786

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9, oidcvalidateredirecturl does not parse URLs the same way as most browsers...

6.1CVSS0.02364EPSS
Exploits1References9
OSV
OSV
added 2021/07/22 10:15 p.m.31 views

CVE-2021-32786

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9, oidcvalidateredirecturl does not parse URLs the same way as most browsers...

6.1CVSS6.5AI score
Exploits0References9
OSV
OSV
added 2021/07/22 10:15 p.m.30 views

CVE-2021-32785

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When modauthopenidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...

7.5CVSS7.2AI score
Exploits0References6
Cvelist
Cvelist
added 2021/07/22 12:0 a.m.48 views

CVE-2021-32786 Open Redirect in oidc_validate_redirect_url()

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9, oidcvalidateredirecturl does not parse URLs the same way as most browsers...

4.7CVSS6.6AI score0.02364EPSS
Exploits1References9
Cvelist
Cvelist
added 2021/07/22 12:0 a.m.57 views

CVE-2021-32785 Format string bug in the Redis cache implementation

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When modauthopenidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...

5.3CVSS7.9AI score0.02731EPSS
Exploits0References6
Fedora
Fedora
added 2021/06/11 1:15 a.m.42 views

[SECURITY] Fedora 34 Update: mod_auth_openidc-2.4.8.4-1.fc34

This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server...

7.5CVSS1.8AI score0.03395EPSS
Exploits0
GithubExploit
GithubExploit
added 2021/02/13 6:16 a.m.127 views

Exploit for Unrestricted Upload of File with Dangerous Type in Magento

PoC Limited CVE-2021-21014 Magento versions 2.4.1 and ear...

9.1CVSS9.5AI score0.04213EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/06/23 12:0 a.m.33 views

Fedora: Security Advisory for mod_auth_openidc (FEDORA-2020-1106ece93a)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.3AI score0.01846EPSS
Exploits0References2
Fedora
Fedora
added 2020/06/14 5:11 p.m.39 views

[SECURITY] Fedora 31 Update: mod_auth_openidc-2.4.2.1-1.fc31

This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server...

6.1CVSS1.8AI score0.01846EPSS
Exploits0
Fedora
Fedora
added 2020/06/14 5:3 p.m.32 views

[SECURITY] Fedora 32 Update: mod_auth_openidc-2.4.2.1-1.fc32

This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server...

6.1CVSS1.8AI score0.01846EPSS
Exploits0
exploitpack
exploitpack
added 2019/11/21 12:0 a.m.28 views

TestLink 1.9.19 - Persistent Cross-Site Scripting

TestLink 1.9.19 - Persistent Cross-Site Scripting Exploit Title: TestLink 1.9.19 - Persistent Cross-Site Scripting Date: 2019-11-20 Exploit Author: Milad Khoshdel Software Link: http://testlink.org/ Version: TestLink 1.9.19 Tested on: Linux Apache/2 PHP/7.3.11 ========= Vulnerable Pages: ========...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/21 12:0 a.m.497 views

TestLink 1.9.19 - Persistent Cross-Site Scripting

Exploit Title: TestLink 1.9.19 - Persistent Cross-Site Scripting Date: 2019-11-20 Exploit Author: Milad Khoshdel Software Link: http://testlink.org/ Version: TestLink 1.9.19 Tested on: Linux Apache/2 PHP/7.3.11 ========= Vulnerable Pages: ========= Persistent --...

7AI score
Exploits0
Fedora
Fedora
added 2019/10/26 5:36 p.m.40 views

[SECURITY] Fedora 31 Update: mod_auth_openidc-2.4.0.3-1.fc31

This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server...

8.6CVSS1.8AI score0.05177EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/30 12:0 a.m.31 views

CentOS 7 : mod_auth_openidc (CESA-2019:2112)

An update for modauthopenidc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.6CVSS6.8AI score0.05177EPSS
Exploits0References3
Rows per page
Query Builder