16 matches found
Apache StreamPark Weak Algorithm Vulnerability
Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. Apache StreamPark suffers from a weak algorithmic vulnerability that stems from the use of weak encryption algorithms, which can be exploited by an attacker to expose sensitive...
CVE-2025-12508
CVE-2025-12508 affects BRAIN2: when domain users act as BRAIN2 users, communication with Active Directory services is unencrypted, risking interception of authentication data and confidentiality. Documents consistently identify BRAIN2 as the affected software and describe the unencrypted AD traff...
EUVD-2012-0823
Malware in sbrugna...
EUVD-2021-27114
Malware in sbrugna...
EUVD-2014-4729
Malware in sbrugna...
EUVD-2019-2157
Malware in sbrugna...
CVE-2023-34339
In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message...
[SECURITY] [DLA 4175-1] mongo-c-driver security update
Debian LTS Advisory DLA-4175-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez May 20, 2025 https://wiki.debian.org/LTS Package : mongo-c-driver Version : 1.17.6-1+deb11u1 CVE ID : CVE-2021-32050 CVE-2023-0437 CVE-2024-6381 CVE-2024-6383 CVE-2025-0755 Multiple...
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...
PT-2024-5018 · Unknown +2 · Rpm-Ostree +2
Name of the Vulnerable Software and Affected Versions: rpm-ostree affected versions not specified Description: A security issue has been found in rpm-ostree, related to the /etc/shadow file having the world-readable bit enabled in default builds. This is due to default permissions being set highe...
PT-2023-4650 · Mongodb +2 · Mongodb Node.Js Driver +5
Name of the Vulnerable Software and Affected Versions: MongoDB C Driver versions 1.0.0 through 1.17.7 MongoDB PHP Driver versions 1.0.0 through 1.9.2 MongoDB Swift Driver versions 1.0.0 through 1.1.1 MongoDB Node.js Driver 3.6 versions 3.6 through 3.6.10 MongoDB Node.js Driver 4.0 versions 4.0...
GHSA-C5FP-X2H5-VJV7 Apache Pulsar Java Client vulnerable to Improper Certificate Validation
Delayed TLS hostname verification in the Pulsar Java Client and the Pulsar Proxy make each client vulnerable to a man in the middle attack. Connections from the Pulsar Java Client to the Pulsar Broker/Proxy and connections from the Pulsar Proxy to the Pulsar Broker are vulnerable. Authentication...
PT-2022-21797 · Apache · Apache Pulsar Java Client
Name of the Vulnerable Software and Affected Versions: Apache Pulsar Java Client versions 2.6.4 and earlier Apache Pulsar Java Client versions 2.7.0 through 2.7.4 Apache Pulsar Java Client versions 2.8.0 through 2.8.3 Apache Pulsar Java Client versions 2.9.0 through 2.9.2 Apache Pulsar Java Clien...
CVE-2021-41011
LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this information...
PT-2021-13890 · Mongodb · Mongodb C Driver
Name of the Vulnerable Software and Affected Versions: MongoDB C Driver versions 2.12.0 through 2.12.1 Description: The MongoDB C Driver may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain...
CVE-2018-0335
A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to improper logging of authentication data. An attacker could exploit this vulnerability by monitoring...