[SECURITY] Fedora 32 Update: wpa_supplicant-2.9-5.fc32

wpasupplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11...

[SECURITY] Fedora 33 Update: wpa_supplicant-2.9-7.fc33

wpasupplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11...

Italy CERT Warns of a New Credential Stealing Android Malware

Researchers have disclosed a new family of Android malware that abuses accessibility services in the device to hijack user credentials and record audio and video. Dubbed "Oscorp" by Italy's CERT-AGID and spotted by AddressIntel, the malware "induces the user to install an accessibility service wi...

CVE-2021-0215

On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart. An...

CVE-2021-0215

On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart. An...

Memory corruption

On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart. An...

CVE-2021-0215

The CVE-2021-0215 issue is a memory leak in Juniper Junos OS on EX/QFX/MX/SRX devices triggered when the 802.1X authenticator port interface flaps. The pfex process (packet forwarding) can crash and restart as memory grows. Several Junos OS releases are affected across multiple lines and versions...

CVE-2021-0215 Junos OS: EX Series, QFX Series, SRX Branch Series, MX Series: Memory leak in packet forwarding engine due to 802.1X authenticator port interface flaps

On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart. An...

PT-2021-2138 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 14.1X53-D54 Juniper Networks Junos OS versions prior to 15.1X49-D240 Juniper Networks Junos OS versions prior to 15.1X53-D593 Juniper Networks Junos OS versions prior to 16.1R7-S8 Juniper Networks...

Juniper Networks Junos OS Resource Management Error Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A resource management error vulnerability exists in multiple Juniper Networks products and can be exploited by an attacker...

Improper Certificate Validation

keycloak-services does not properly validate certificates. Lack of validation on the certificate timestamp validity allows an expired certificate to be accepted by Keycloak's direct-grant authenticator...

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2020-26890 via matrix-synapse (>=0.33.9 <=1.153.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2020-26890 Source advisory: OSV:GHSA-4MP3-385R-V63F...

Denial of Service in extension "Authenticator" (defbu_authenticator)

The extension bundles demo files of a 3rd party QR Code generator allowing a remote user to create QR Codes saved as PNG files on the webserver. This can result in Denial of Service, since the webspace can be filled up with a large amount of PNG files...

Exploit for CVE-2020-14883

CVE-2020-14883 Oracle WebLogic Server Authenticated Remote Cod...

Information Disclosure

cas-server-support-otp-mfa is vulnerable to information disclosure. The vulnerability exists as the user's secret key is sent as a GET parameter in an img tag when Google Authenticator is used...

CVE-2020-1688

On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services. Exploitation of this vulnerability may allow an...

CVE-2020-27178

Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication...

CVE-2020-27178

Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication...

CVE-2020-27178

Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication...

Authentication flaw

Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication...