EUVD-2019-3248

Malware in sbrugna...

CVE-2024-25763

openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c...

CVE-2024-25763

openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c...

DEBIAN-CVE-2024-25763

openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c...

Design/Logic Flaw

openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c...

CVE-2024-25763

openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c...

CVE-2024-25763

openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c...

Information Disclosure

dhcpcd5 is vulnerable to information disclosure. The auth.c module allows attackers to infer secrets by performing latency attacks...

CVE-2019-11578

auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks...

CVE-2019-11578

auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks...

CVE-2019-11578

The CVE-2019-11578 entry concerns dhcpcd’s auth.c, with the vulnerability present in versions before 7.2.1. The underlying issue is a latency-based information disclosure that could allow an attacker to infer secrets, yielding partial confidentiality impact. Affected software is dhcpcd; root caus...

Design/Logic Flaw

The recvmsguserauthrequest function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSHMSGUSERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase...

CVE-2018-15599

The recvmsguserauthrequest function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSHMSGUSERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase...

X.org Privilege Escalation / Use-After-Free / Weak Entropy Vulnerabilities

Exploit for windows platform in category local exploits Multiple Vulnerabilities in X.org ================================= Overview -------- Vendor: X.org/Freedesktop.org Vendor URL: https://www.x.org/wiki/ Credit: X41 D-Sec GmbH, Eric Sesterhenn Advisory-URL:...

Authorization

The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVEGSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service infinite loop via HTTPUNAUTHORIZED responses...

x11vnc -- authentication bypass vulnerability

Ludwig Nussel reports that x11vnc is vulnerable to an authentication bypass vulnerability. The vulnerability is caused by an error in auth.c. This could allow a remote attacker to gain unauthorized and unauthenticated access to the system...

[UNIX] Dropbear SSH Server Format String Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...