31 matches found
PT-2022-25406 · Nps · Nps
Name of the Vulnerable Software and Affected Versions: NPS versions prior to 0.26.10 Description: The issue allows for an authentication bypass via constantly generating and sending the Auth key and Timestamp parameters. Recommendations: For versions prior to 0.26.10, update to version 0.26.10 or...
CLSA-2022-1655819051 Fixed CVE-2022-22576 in curl
CVE-2022-22576: check additional SASL parameters for connection reuse...
CVE-2021-22171
Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link...
CVE-2021-22171
Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link...
UBUNTU-CVE-2021-22171
Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link...
CVE-2021-22171
Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link...
CVE-2020-15924
There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication parameters...
CVE-2020-15924
There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication parameters...
GaussDB: Changing the Password of the Initial User
The initial user SYS is a system administrator and has all system permissions. For database security, change the password of SYS as soon as possible after the database is installed. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and...
CVE-2013-7051
CVE-2013-7051 affects D-Link DIR-100 with firmware 4.03B07. The issue is a security bypass in the cli.cgi module caused by failure to check authentication parameters, enabling unauthorized access through the CLI path. Public references describe multiple vulnerabilities for this device (CVE-2013-7...
PT-2017-17181 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco ASA Software versions prior to 9.17.7 Cisco ASA Software versions prior to 9.24.11 Cisco ASA Software versions prior to 9.44 Cisco ASA Software versions prior to 9.53 Cisco ASA Software versions prior to 9.61.5 Description: A...