DEBIAN-CVE-2023-40184

xrdp is an open source remote desktop protocol RDP server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The authstartsession function can return non-zero 1 value on, e.g., PAM error which may result in in session...

The vulnerability of the `process.mainModule.proto.require()` function in the Node.js software platform allows a attacker to compromise the integrity of the protected information.

The vulnerability of the process.mainModule.proto.require function in the Node.js software platform is related to authentication errors. Exploiting this vulnerability allows a malicious actor to compromise the integrity of protected information...

The vulnerability of the localstorage object in the Mozilla Firefox browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the localstorage storage mechanism in the Mozilla Firefox browser is related to authentication errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Sandbox component in operating systems such as iOS, iPadOS, tvOS, watchOS, and macOS allows attackers to gain access to confidential information.

The vulnerability of the Sandbox component in iOS, iPadOS, tvOS, watchOS, and macOS is related to authentication process errors. Exploiting this vulnerability can allow attackers to access confidential information and also retain user data...

The vulnerability of the Perl programming language library HTTP::Tiny involves authentication process errors, which allow attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Perl programming language library HTTP::Tiny is related to errors in the TLS certificate authentication process. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

PT-2023-3933 · Geovision · Geovision Gv-Adr2701

Name of the Vulnerable Software and Affected Versions: GeoVision GV-ADR2701 affected versions not specified Description: The issue is related to errors in the authentication procedure of the GeoVision GV-ADR2701 IP video surveillance system. An attacker could exploit this by editing the login...

The vulnerability of the Java framework for securing industrial applications using Spring Security stems from configuration errors related to authentication. These errors can occur when using multiple servlets, including the DispatcherServlet in Spring MVC. This vulnerability allows attackers to expose sensitive information and enhance their privileges.

The vulnerability of the Java framework for securing industrial applications using Spring Security is related to errors in authentication configuration. These errors can occur when using multiple servlets, including the DispatcherServlet in Spring MVC. Exploiting this vulnerability allows a...

The vulnerability of the Setting Handler component of the Elcomplus SmartPPT server allows a perpetrator to execute arbitrary code.

The vulnerability of the Setting Handler component in the Elcomplus SmartPPT server is related to authentication errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the vgauth module of the VMware Tools component in the VMware ESXi hypervisor allows a attacker to influence the confidentiality and integrity of the protected information.

The vulnerability of the vgauth module in the VMware Tools component of the VMware ESXi hypervisor is related to errors during authentication procedures. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected information...

Notation 数据伪造问题漏洞

Notation is a collection of libraries open-sourced by the Notary Project to support symbolic notation, validation, push and pull oci artifacts. A data forgery issue vulnerability exists in versions prior to Notation v1.0.0-rc.6, which can be exploited by an attacker to corrupt the registry and...

The vulnerability of the built-in software of the ARIS controller, related to authentication errors, allows a intruder to trigger a service failure.

The vulnerability of the built-in software of the ARIS controller is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending a specially crafted network packet...

The vulnerability of the SecurityRequestFilter class in network printing control software such as PaperCut MF and PaperCut NG allows a perpetrator to access user credentials.

The vulnerability of the SecurityRequestFilter class in network printing control software such as PaperCut MF and PaperCut NG is related to errors during authentication processes. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to user credentials...

The vulnerability of the multi-platform web solution for creating Scada systems, Scada-LTS, related to authentication errors, allows a intruder to escalate their privileges.

The vulnerability of the multi-platform web solution for creating Scada systems is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

The vulnerability of the P5E GNSS satellite receiver’s microprogramming software, related to errors during authentication procedures, allows a violator to increase their privileges.

The vulnerability of the P5E GNSS satellite receiver’s microprogramming software is related to errors during the authentication process. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...

The vulnerability of the `process.mainModule.require()` function in the Node.js software platform allows attackers to gain increased privileges.

The vulnerability of the process.mainModule.require function in the Node.js software platform is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

The vulnerability of the HMI software for control and monitoring of ABB Symphony Plus S+ Operations, related to errors during authentication procedures, allows attackers to escalate their privileges.

The vulnerability of the HMI software platform for control and monitoring of ABB Symphony Plus S+ Operations is related to errors during the authentication process. Exploiting this vulnerability can allow attackers who operate remotely to gain increased privileges...

The vulnerability of the Atlassian Jira Service Management and Data Center data processing software, related to authentication errors, allows attackers to escalate their privileges.

The vulnerability of the Atlassian Jira Service Management and Data Center data processing software lies in authentication errors. Exploiting this vulnerability can allow attackers to increase their privileges remotely...

The vulnerability of the mobile application for collaborative work with documents, IBM Navigator Mobile for Android operating systems, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the IBM Navigator Mobile mobile application for collaborative document work on Android operating systems is related to authentication errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the SAP Disclosure Management tool in terms of authentication errors allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SAP Disclosure Management reporting tool is related to authentication errors. Exploiting this vulnerability can allow unauthorized actors, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) server, related to certificate validation errors, allows attackers to carry out “man-in-the-middle” attacks and expose the protected information.

The vulnerability of the Fortinet FortiClient Enterprise Management Server EMS server is related to authentication errors. Exploiting this vulnerability allows a malicious actor to carry out “man-in-the-middle” attacks and expose the protected information...