128 matches found
GHSA-VVPX-J8F3-3W6H vulnerabilities
Vulnerabilities for packages: wireguard-go, grpcurl, go, kubeflow, dynamic-localpv-provisioner-fips, terraform-provider-sendgrid-fips, gke-gcloud-auth-plugin, kube-state-metrics, hey, kubeflow-fips, k3d, dynamic-localpv-provisioner, falco, restic, terraform-provider-sendgrid...
Information Disclosure
rh-mysql80-mysql is vulnerable to information disclosure. The vulnerability exists in the Server: PAM Auth Plugin component, allowing attackers to modify the critical data or all MySQL Server accessible data through the multiple protocols...
GHSA-WCJJ-QM5V-J4PC Jenkins Reverse Proxy Auth Plugin vulnerable due to plaintext storage of passwords
Jenkins Reverse Proxy Auth Plugin versions 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...
Jenkins Reverse Proxy Auth Plugin vulnerable due to plaintext storage of passwords
Jenkins Reverse Proxy Auth Plugin versions 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...
CVE-2022-45384
Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...
CVE-2022-45384
Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...
CVE-2022-45384
Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...
CVE-2022-45384
CVE-2022-45384 affects the Jenkins Reverse Proxy Auth Plugin. Versions 1.7.3 and earlier store the LDAP manager password unencrypted in the Jenkins controller’s global config.xml, enabling access by anyone with filesystem access to the controller. The vulnerability is triggered by plaintext stora...
PT-2022-27486 · Jenkins · Jenkins Reverse Proxy Auth Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Reverse Proxy Auth Plugin versions 1.7.3 and earlier Description: The issue allows attackers with access to the Jenkins controller file system to view the LDAP manager password, which is stored unencrypted in the global config.xml fil...
CVE-2022-45384
Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system...
Information Disclosure
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: PAM Auth Plugin component, allowing an attacker to access critical data or complete access to all MySQL Server accessible data...
mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...
mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Jul 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
FreeBSD : MySQL -- Multiple vulnerabilities (8e150606-08c9-11ed-856e-d4c9ef517024)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 8e150606-08c9-11ed-856e-d4c9ef517024 advisory. - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the inp...
CVE-2022-21455
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2022-21455
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
UBUNTU-CVE-2022-21455
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2022-21455
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2022-21455
CVE-2022-21455 affects Oracle MySQL Server PAM Auth Plugin in MySQL 8.0.28 and earlier. The vulnerability enables a high-privilege attacker with network access (via multiple protocols) to compromise MySQL Server, potentially allowing unauthorized creation, deletion, or modification of critical da...
PT-2022-3730 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Server: PAM Auth Plugin component of MySQL Server, allowing a high-privileged attacker with network access via multiple protocols...