
79 matches found

UbuntuCve
added 2020/02/08 6:15 p.m., 24 views

CVE-2012-4381

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remo...

CVSS 9.3, AI score 7.1, EPSS 0.03103
Exploits: 0, References: 2
Prion
added 2020/02/08 6:15 p.m., 10 views

Authentication flaw

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remo...

CVSS 9.3, AI score 7, EPSS 0.03103
Exploits: 0, References: 7, Affected Software: 1
OSV
added 2020/02/08 6:15 p.m., 2 views

UBUNTU-CVE-2012-4381

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remo...

CVSS 8.1, AI score 7, EPSS 0.03103
Exploits: 0, References: 3
Debian CVE
added 2020/02/08 5:50 p.m., 20 views

CVE-2012-4381

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remo...

CVSS 9.3, AI score 7.5, EPSS 0.03103
Exploits: 0
OpenVAS
added 2020/01/09 12:0 a.m., 35 views

Fedora Update for dovecot FEDORA-2019-5898f4f935

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.3, AI score 5.7, EPSS 0.01665
Exploits: 0, References: 2
OSV
added 2019/08/07 3:15 p.m., 15 views

CVE-2019-10372

An open redirect vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows attackers to redirect users to a URL outside Jenkins after successful login...

CVSS 6.1, AI score 6.6
Exploits: 0, References: 2
Cvelist
added 2019/08/07 2:20 p.m., 25 views

CVE-2019-10372

An open redirect vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows attackers to redirect users to a URL outside Jenkins after successful login...

AI score 6.2, EPSS 0.00054
Exploits: 0, References: 2
Prion
added 2019/02/06 4:29 p.m., 11 views

Design/Logic Flaw

An exposure of sensitive information vulnerability exists in Jenkins OpenId Connect Authentication Plugin 1.4 and earlier in OicSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve t...

CVSS 4.3, AI score 4.5, EPSS 0.00038
Exploits: 0, References: 1, Affected Software: 1
Prion
added 2019/02/06 4:29 p.m., 14 views

Session fixation

A session fixation vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session...

CVSS 4.3, AI score 5.7, EPSS 0.00032
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2019/02/06 4:29 p.m., 13 views

CVE-2019-1003021

An exposure of sensitive information vulnerability exists in Jenkins OpenId Connect Authentication Plugin 1.4 and earlier in OicSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve t...

CVSS 4.3, AI score 4.5, EPSS 0.00038
Exploits: 0, References: 1
Cvelist
added 2019/02/06 4:0 p.m., 14 views

CVE-2019-1003018

An exposure of sensitive information vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve the...

AI score 4.4, EPSS 0.00038
Exploits: 0, References: 1
Cvelist
added 2019/02/06 4:0 p.m., 12 views

CVE-2019-1003021

An exposure of sensitive information vulnerability exists in Jenkins OpenId Connect Authentication Plugin 1.4 and earlier in OicSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve t...

AI score 4.4, EPSS 0.00038
Exploits: 0, References: 1
Imperva Blog
added 2019/01/24 8:21 p.m., 24 views

Seven Must-Dos to Secure MySQL 8.0

Most database breaches are blamed on insiders such as employees who are either malicious or whose security has been compromised. In fact, most of these breaches are actually caused by poor security configuration and privilege abuse. Every new database version brings security upgrades. Use them...

AI score 0.1
Exploits: 0
Imperva Blog
added 2019/01/24 8:21 p.m., 148 views

Seven Must-Dos to Secure MySQL 8.0

Most database breaches are blamed on insiders such as employees who are either malicious or whose security has been compromised. In fact, most of these breaches are actually caused by poor security configuration and privilege abuse. Every new database version brings security upgrades. Use them...

AI score 0.3
Exploits: 0
myhack58
added 2017/09/21 12:0 a.m., 244 views

Joomla! LDAP injection leads to login authentication bypass vulnerability CVE-2017-14596 - vulnerability warning - the black bar safety net

With more than 8400 million downloads, Joomla! is now the Internet's most popular CMS. It hosts 3.3 per cent of all the world's website content and articles. Code analysis with RIPS detected a previously undiscovered LDAP injection in the login controller...

AI score 1, EPSS 0.02572
Exploits: 3
Debian CVE
added 2017/07/07 7:0 p.m., 19 views

CVE-2017-7660

Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious...

CVSS 7.5, AI score 7.5, EPSS 0.00335
Exploits: 1
UbuntuCve
added 2014/07/29 11:10 a.m., 23 views

CVE-2014-3552

The Shibboleth authentication plugin in auth/shibboleth/index.php in Moodle through 2.3.11, 2.4.x before 2.4.11, and 2.5.x before 2.5.7 does not check whether a session ID is empty, which allows remote authenticated users to hijack sessions via crafted plugin interaction...

CVSS 6, AI score 5.9, EPSS 0.00353
Exploits: 0, References: 3
CVE
added 2014/07/29 10:0 a.m., 54 views

CVE-2014-3552

The CVE-2014-3552 entry concerns Moodle’s Shibboleth authentication plugin (auth/shibboleth/index.php). It affects Moodle versions up to 2.3.11, 2.4.x prior to 2.4.11, and 2.5.x prior to 2.5.7, where the plugin fails to check for an empty session ID. This allows remote authenticated users to hija...

CVSS 6, AI score 6.3, EPSS 0.00353
Exploits: 0, References: 3, Affected Software: 1
OpenVAS
added 2013/01/08 12:0 a.m., 11 views

Fedora Update for dovecot FEDORA-2012-19752

Check for the Version of dovecot OpenVAS Vulnerability Test Fedora Update for dovecot FEDORA-2012-19752 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

AI score 6.7
Exploits: 0, References: 2