12 matches found
CVE-2026-22992
In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from monhandleauthdone Currently any error from cephauthhandlereplydone is propagated via finishauth but isn't returned from monhandleauthdone. This results in higher layers learning that despite...
MAL-2025-192712 Malicious code in auth-handler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79d1be042f1565157d9c5e97b927919aa32bedb254b501aa374caf00c242ee83 The package auth-handler was found to contain malicious code...
Malicious code in auth-handler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79d1be042f1565157d9c5e97b927919aa32bedb254b501aa374caf00c242ee83 The package auth-handler was found to contain malicious code...
EUVD-2025-204941
Malicious code in auth-handler npm...
Malicious Package
Overview auth-handler is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. Onc...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the isSensitiveSpec function which calls grpcomni.CreateResource without checking if the resource's metadata field is nil. An attacker can cause a server crash and disrupt service availability by sending emp...
EUVD-2022-45355
Malicious code in bioql PyPI...
CLSA-2024-1722527236 Fix CVE(s): CVE-2021-3733
SECURITY UPDATE: Regular Expression Denial of Service - debian/patches/CVE-2021-3733.patch: Fix ReDoS vulnerability in AbstractBasicAuthHandler class of Lib/urllib2.py - CVE-2021-3733...
CVE-2022-42280
The CVE-2022-42280 issue affects NVIDIA DGX BMC SPX REST authorization. An unauthorized attacker could exploit a path traversal to escalate privileges on vulnerable BMC firmware. The NVIDIA advisory lists affected products (DGX Station A100/A800), and specifies a firmware update path with BMC Fir...
DEBIAN-CVE-2020-8492
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking...
UBUNTU-CVE-2020-8492
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking...
python-paramiko: Authentication bypass in auth_handler.py
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity...