EUVD-2022-3113
Malicious code in bioql PyPI...
CVE-2018-14657
Keycloak 4.2.1.Final and 4.3.0.Final are affected by CVE-2018-14657. The root cause is an improper implementation of brute force detection when TOTP is enabled, resulting in the login protection not being enforced. Impact described across connected sources indicates brute force protection may not...
CVE-2018-14657
A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOTP is enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures...
PT-2018-12647 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak versions 4.2.1.Final, 4.3.0.Final Description: A flaw was found in the implementation of the Brute Force detection algorithm when TOTP is enabled, which will not enforce its protection measures. Recommendations: For Keycloak version...
Shadowsocks - Log File Command Execution
X41 D-Sec GmbH Security Advisory: X41-2017-008 Multiple Vulnerabilities in Shadowsocks ======================================= Overview -------- Confirmed Affected Versions: Latest commit 2ab8c6b on Sep 6 Confirmed Patched Versions: N/A Vendor: Shadowsocks Vendor URL:...
Shadowsocks Log Manipulation / Command Execution Vulnerability
Several issues have been identified, which allow attackers to manipulate log files, execute commands and to brute force Shadowsocks with enabled autoban.py brute force detection. Brute force detection from autoban.py does not work with suggested tail command. The key of captured Shadowsocks traff...