Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-2457

Malware in sbrugna...

10CVSS8.9AI score0.01868EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 6:29 p.m.21 views

CVE-2021-29456

Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on SSO for your applications via a web portal. In versions 4.27.4 and earlier, utilizing a HTTP query parameter an attacker is able to redirect users from the web application to an...

5.7CVSS7AI score0.0051EPSS
Exploits0References1
Veracode
Veracode
added 2025/02/24 3:39 a.m.9 views

Brute-force Attack

github.com/authelia/authelia is vulnerable to Brute-force attacks. The vulnerability is due to the regulation system counting username and email logins separately, which increases the number of allowed attempts for an attacker...

2.3CVSS6.6AI score0.0035EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/21 6:22 p.m.9 views

CVE-2025-24806

Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on SSO for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats these as separate login events. This leads to t...

2.3CVSS7AI score0.0035EPSS
Exploits0References1
NVD
NVD
added 2025/02/19 6:15 p.m.36 views

CVE-2025-24806

Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on SSO for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats these as separate login events. This leads to t...

2.3CVSS0.0035EPSS
Exploits0References2
CVE
CVE
added 2025/02/19 5:19 p.m.98 views

CVE-2025-24806

Authelia (open-source authentication server) has a flaw where allowing sign-in via both username and email can cause login events to be counted separately, effectively doubling regulation limits and increasing brute-force risk when two-factor is not enforced or passwords are weak. The issue has a...

2.3CVSS6.8AI score0.0035EPSS
Exploits0References2
Rows per page
Query Builder