Lucene search
+L

147 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.4 views

SUSE CVE-2006-2607

docommand.c in Vixie cron vixie-cron 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in...

7.2CVSS7.1AI score0.00565EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/11/17 12:0 a.m.3 views

MediaWiki 跨站脚本漏洞

MediaWiki is a free and free-to-use web-based wiki engine from the US-based MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems.MediaWiki version 1.1 contains a cross-site scripting vulnerability, which stems from the ScratchLogin...

4.8CVSS6.1AI score0.00358EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2022/10/11 7:0 a.m.75 views

October 11, 2022—KB5018425 (OS Build 10240.19507) - EXPIRED

None None...

8.8CVSS6.8AI score0.56269EPSS
Exploits0
ThreatPost
ThreatPost
added 2022/06/14 1:7 p.m.20 views

What the New OWASP Top 10 Changes Mean to You?

The Open Web Application Security Project OWASP recently updated its top 10 list of the most critical security risks to web applications after 4 years. It represents the most radical shake up since the list was introduced in 2003. The changes will undoubtedly have a big impact on how businesses...

10CVSS9AI score0.11084EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2022/05/19 12:0 a.m.7 views

KB5014986: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2012 R2

KB5014986: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2012 R2 Summary This update includes improvements for the following issue: Addresses a known issue that might cause authentication failures for some services on a serve...

6.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2022/05/19 12:0 a.m.10 views

May 19, 2022—KB5015013 (OS Build 20348.709) Out-of-band

None None...

6.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2022/05/19 12:0 a.m.11 views

KB5014991: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2012

KB5014991: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2012 Summary This update includes improvements for the following issue: Addresses a known issue that might cause authentication failures for some services on a server o...

6.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2022/05/19 12:0 a.m.7 views

KB5014990: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2008 SP2

KB5014990: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2008 SP2 Summary This update includes improvements for the following issue: Addresses a known issue that might cause authentication failures for some services on a serv...

6.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2022/05/19 12:0 a.m.4 views

May 19, 2022—KB5015019 (OS Build 14393.5127) Out-of-band

None None...

6.1AI score
Exploits0
CISA
CISA
added 2022/05/13 12:0 a.m.117 views

CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog

CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup update on domain controllers, organizations migh...

4.3CVSS2.1AI score0.10461EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2022/05/12 7:0 a.m.110 views

May 10, 2022—KB5014018 (Security-only update)

None None...

9.8CVSS6.8AI score0.80933EPSS
Exploits3
Microsoft KB
Microsoft KB
added 2022/05/12 7:0 a.m.175 views

May 10, 2022—KB5014001 (Security-only update)

None None...

9.8CVSS6.8AI score0.83277EPSS
Exploits11
Microsoft KB
Microsoft KB
added 2022/05/12 7:0 a.m.141 views

May 10, 2022—KB5014017 (Monthly Rollup)

None None...

9.8CVSS6.8AI score0.80933EPSS
Exploits3
Microsoft KB
Microsoft KB
added 2022/05/12 7:0 a.m.270 views

May 10, 2022—KB5014011 (Monthly Rollup)

None None...

9.8CVSS6.8AI score0.83277EPSS
Exploits11
Rapid7 Blog
Rapid7 Blog
added 2021/12/01 2:56 p.m.50 views

OWASP Top 10 Deep Dive: Identification and Authentication Failures

In the 2021 edition of the OWASP top 10 list, Broken Authentication was changed to Identification and Authentication Failures. This term bundles in a number of existing items like cryptography failures, session fixation, default login credentials, and brute-forcing access. Additionally, this...

7.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 2021/11/09 8:0 a.m.503 views

November 9, 2021—KB5007247 (Monthly Rollup)

None None...

8.8CVSS6.8AI score0.74265EPSS
Exploits10
Microsoft KB
Microsoft KB
added 2021/11/09 8:0 a.m.81 views

November 9, 2021—KB5007245 (Security-only update)

None None...

8.8CVSS6.8AI score0.74265EPSS
Exploits10
Microsoft KB
Microsoft KB
added 2021/11/09 8:0 a.m.416 views

November 9, 2021—KB5007192 (OS Build 14393.4770) - EXPIRED

None None...

8.8CVSS6.8AI score0.74265EPSS
Exploits10
Github Security Blog
Github Security Blog
added 2021/07/02 7:19 p.m.99 views

A user without PR can reset user authentication failures information

Impact The script service method used to reset the authentication failures record can be executed by any user with Script rights and does not require Programming rights as it should have. Note that being able to reset the authentication failure record mean that an attacker with script right might...

5.5CVSS0.2AI score0.00499EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2021/07/01 5:15 p.m.27 views

CVE-2021-32729

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A vulnerability exists in versions prior to 12.6.88, 12.10.4, and 13.0. The script service method used to reset the authentication failures record can be executed by any user with Script right...

5.5CVSS0.00499EPSS
Exploits0References2
Rows per page
Query Builder