Lucene search
+L

100 matches found

Tenable Nessus
Tenable Nessus
added 2023/07/20 12:0 a.m.23 views

Debian dla-3486 : ocsinventory-reports - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3486 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3486-1 [email protected] https://www.debian.org/lts/security/...

8CVSS7.5AI score0.01064EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/13 12:0 a.m.6 views

SonicWALL Analytics和GMS 授权问题漏洞

SonicWALL Analytics and SonicWALL GMS are both products of SonicWALL, Inc. of the U.S. SonicWALL Analytics is a high-performance management and reporting engine for the Web.SonicWALL GMS is a global management system. A powerful and intuitive solution for organizations, distributed enterprises an...

9.8CVSS8.7AI score0.0101EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/08 12:0 a.m.26 views

Debian dla-3487 : fusiondirectory - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3487 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3487-1 [email protected]...

9.8CVSS7.4AI score0.01064EPSS
Exploits2References8
CNNVD
CNNVD
added 2023/05/20 12:0 a.m.3 views

Ellucian 跨站脚本漏洞

Ellucian is Ellucian's open and flexible technology ecosystem supporting SaaS. A cross-site scripting vulnerability exists in Ellucian Ethos Identity versions prior to 5.10.5, which stems from the presence of an unknown function in the file /cas/logout that leads to cross-site scripting via the...

6.1CVSS4.6AI score0.03301EPSS
Exploits1References5
Fedora
Fedora
added 2022/11/11 1:16 a.m.23 views

[SECURITY] Fedora 36 Update: php-pear-CAS-1.6.0-1.fc36

This package is a PEAR library for using a Central Authentication Service. Autoloader: %pearphpdir/CAS/Autoload.php...

8CVSS3.2AI score0.01064EPSS
Exploits0
Fedora
Fedora
added 2022/11/11 12:50 a.m.25 views

[SECURITY] Fedora 35 Update: php-pear-CAS-1.6.0-1.fc35

This package is a PEAR library for using a Central Authentication Service. Autoloader: %pearphpdir/CAS/Autoload.php...

8CVSS3.2AI score0.01064EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/11/11 12:0 a.m.11 views

Fedora: Security Advisory for php-pear-CAS (FEDORA-2022-76b3530ac2)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8CVSS7.9AI score0.01064EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/11/11 12:0 a.m.18 views

Fedora: Security Advisory for php-pear-CAS (FEDORA-2022-37c2d26f59)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8CVSS7.9AI score0.01064EPSS
Exploits0References2
Fedora
Fedora
added 2022/11/10 10:58 p.m.31 views

[SECURITY] Fedora 37 Update: php-pear-CAS-1.6.0-1.fc37

This package is a PEAR library for using a Central Authentication Service. Autoloader: %pearphpdir/CAS/Autoload.php...

8CVSS3.2AI score0.01064EPSS
Exploits0
CNNVD
CNNVD
added 2022/11/01 12:0 a.m.7 views

Apereo CAS 安全漏洞

Apereo CAS is a web-based enterprise multilingual single sign-on solution. A security vulnerability exists in Apereo CAS versions prior to 1.6.0 that stems from allowing PHP applications to easily authenticate users through the Central Authentication Service CAS...

8CVSS7.5AI score0.01064EPSS
Exploits0References9
CNNVD
CNNVD
added 2022/09/23 12:0 a.m.4 views

Rocket.Chat 授权问题漏洞

Rocket.Chat is a popular, highly customizable chat platform developed on JavaScript. Rocket.Chat suffers from a security vulnerability when using cas for login, which can be exploited by remote attackers to submit a special request that can bypass two-factor authentication and gain unauthorized...

8.8CVSS7.1AI score0.01229EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/09/23 12:0 a.m.4 views

PT-2022-22655 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions prior to 5 Rocket.Chat versions prior to 4.8.2 Rocket.Chat versions prior to 4.7.5 Description: A improper authentication issue exists that allows two-factor authentication to be bypassed when the server is configured to...

8.8CVSS8.8AI score0.01229EPSS
Exploits1References4
OSV
OSV
added 2020/06/04 3:15 p.m.5 views

CVE-2020-13805

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures...

9.8CVSS7.3AI score0.01512EPSS
Exploits0References1
OSV
OSV
added 2020/01/24 7:15 p.m.5 views

UBUNTU-CVE-2014-4172

A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allow remote attackers to inject arbitrary web script or HTML via the 1 service...

9.8CVSS7.2AI score0.06057EPSS
Exploits0References3
NVD
NVD
added 2019/12/05 7:15 p.m.23 views

CVE-2012-1105

An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner...

5.5CVSS5.3AI score0.00464EPSS
Exploits0References5
Prion
Prion
added 2019/12/05 7:15 p.m.19 views

Information disclosure

An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner...

2.1CVSS6.7AI score0.00464EPSS
Exploits0References5Affected Software3
UbuntuCve
UbuntuCve
added 2019/12/05 7:15 p.m.30 views

CVE-2012-1105

An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner...

5.5CVSS6.1AI score0.00464EPSS
Exploits0References2
OSV
OSV
added 2019/11/18 4:15 p.m.8 views

CVE-2018-13257

The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service CAS service ticket validation, enabling a phishing attack from the CAS server login page...

6.1CVSS5.8AI score0.0121EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.26 views

Fedora 28 : mediawiki (2018-e022ecbc52)

https://www.mediawiki.org/wiki/Releasenotes/1.29MediaWiki1.29.3 - T169545, CVE-2018-0503 SECURITY: $wgRateLimits entry for 'user' overrides 'newbie'. - T194605, CVE-2018-0505 SECURITY: BotPasswords can bypass CentralAuth's account lock. - T180551 Fix LanguageSrTest for language converter - T18055...

6.5CVSS6AI score0.02797EPSS
Exploits1References4
Fedora
Fedora
added 2018/11/09 6:4 a.m.14 views

[SECURITY] Fedora 29 Update: php-pear-CAS-1.3.6-1.fc29

This package is a PEAR library for using a Central Authentication Service. Autoloader '%pearphpdir/CAS/Autoload.php';...

3.2AI score
Exploits0
Rows per page
Query Builder