Lucene search

12 matches found

Redos
added 2026/02/03 12:0 a.m. · 3 views

ROS-20260203-73-0006

A use-after-free vulnerability exists in the auth.c component of the Linux kernel. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...

CVSS 9.8 · AI score 5.3 · EPSS 0.00266
Exploits: 0
Positive Technologies
added 2024/08/26 12:0 a.m. · 2 views

PT-2024-31254 · Unknown · Picuploader

Name of the Vulnerable Software and Affected Versions: PicUploader version fcf82ea. Description: A cross-site scripting (XSS) issue exists in the /auth/AzureRedirect.php component, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error description...

CVSS 8 · AI score 6.1 · EPSS 0.00211
Exploits: 1 · References: 8
Tenable Nessus
added 2023/12/04 12:0 a.m. · 15 views

Amazon Linux 2 : dovecot (ALAS-2023-2365)

The version of dovecot installed on the remote host is prior to 2.2.36-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2365 advisory. An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist wi...

CVSS 8.8 · AI score 7.3 · EPSS 0.00307
Exploits: 1 · References: 4
Tenable Nessus
added 2022/11/17 12:0 a.m. · 16 views

Rocky Linux 8 : dovecot (RLSA-2022:7623)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7623 advisory. An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args...

CVSS 8.8 · AI score 7.2 · EPSS 0.00307
Exploits: 1 · References: 3
vulnersOsv
added 2022/09/16 12:0 a.m. · 1 views

@basket/get (>=1.1.0 <=1.2.2), @bitovi/incremental (>=1.0.0 <=1.0.2) +50 more potentially affected by CVE-2022-37257 via steal (>=0.12.9 <=2.3.0)

steal NPM version =0.12.9, =1.1.0, =1.0.0, =1.0.0, =0.0.0, =0.1.0, =0.1.0, =0.0.1, =0.0.1-0, =0.3.0, =1.0.0, =0.4.0, =0.7.3 and more Source cves: CVE-2022-37257 Source advisory: OSV:GHSA-93Q5-3XPC-8VG3...

CVSS 9.8 · AI score 7.2 · EPSS 0.00511
Exploits: 0
NVD
added 2022/07/17 7:15 p.m. · 20 views

CVE-2022-30550

An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead...

CVSS 8.8 · EPSS 0.00307
Exploits: 1 · References: 5
Vulnrichment
added 2022/07/17 12:0 a.m. · 22 views

CVE-2022-30550

An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead...

AI score 7 · EPSS 0.00307
Exploits: 1 · References: 5
Debian CVE
added 2022/07/17 12:0 a.m. · 30 views

CVE-2022-30550

An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead...

CVSS 8.8 · AI score 7.8 · EPSS 0.00307
Exploits: 1
CNVD
added 2020/07/16 12:0 a.m. · 1 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2020-41455)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in MySQL Server 5.7.30 and earlier and Server 8.0.20 and earlier in Oracle MySQL: Pluggable Auth component. An attack...

CVSS 4.3 · AI score 7.7 · EPSS 0.00361
Exploits: 0 · References: 1
OSV
added 2017/02/17 2:59 a.m. · 13 views

CVE-2016-8652

The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows remote attackers to cause a denial of service (crash) by aborting authentication without setting a username...

CVSS 5.9 · AI score 6.9
Exploits: 0 · References: 4
UbuntuCve
added 2017/02/17 2:59 a.m. · 20 views

CVE-2016-8652

The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows remote attackers to cause a denial of service (crash) by aborting authentication without setting a username...

CVSS 5.9 · AI score 6.6 · EPSS 0.09423
Exploits: 0 · References: 2
CVE
added 2017/02/16 6:0 p.m. · 55 views

CVE-2016-8652

CVE-2016-8652 affects the Dovecot auth component when auth-policy is enabled. The vulnerability allows a remote attacker to cause a denial of service (crash) by aborting authentication without a username, with affected versions listed as Dovecot prior to 2.2.27 (OpenVAS references note a ...

CVSS 5.9 · AI score 5.5 · EPSS 0.09423
Exploits: 0 · References: 4 · Affected Software: 1