100 matches found
Debian dla-3486 : ocsinventory-reports - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3486 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3486-1 [email protected] https://www.debian.org/lts/security/...
SonicWALL Analytics和GMS 授权问题漏洞
SonicWALL Analytics and SonicWALL GMS are both products of SonicWALL, Inc. of the U.S. SonicWALL Analytics is a high-performance management and reporting engine for the Web.SonicWALL GMS is a global management system. A powerful and intuitive solution for organizations, distributed enterprises an...
Debian dla-3487 : fusiondirectory - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3487 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3487-1 [email protected]...
Ellucian 跨站脚本漏洞
Ellucian is Ellucian's open and flexible technology ecosystem supporting SaaS. A cross-site scripting vulnerability exists in Ellucian Ethos Identity versions prior to 5.10.5, which stems from the presence of an unknown function in the file /cas/logout that leads to cross-site scripting via the...
[SECURITY] Fedora 36 Update: php-pear-CAS-1.6.0-1.fc36
This package is a PEAR library for using a Central Authentication Service. Autoloader: %pearphpdir/CAS/Autoload.php...
[SECURITY] Fedora 35 Update: php-pear-CAS-1.6.0-1.fc35
This package is a PEAR library for using a Central Authentication Service. Autoloader: %pearphpdir/CAS/Autoload.php...
Fedora: Security Advisory for php-pear-CAS (FEDORA-2022-76b3530ac2)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for php-pear-CAS (FEDORA-2022-37c2d26f59)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 37 Update: php-pear-CAS-1.6.0-1.fc37
This package is a PEAR library for using a Central Authentication Service. Autoloader: %pearphpdir/CAS/Autoload.php...
Apereo CAS 安全漏洞
Apereo CAS is a web-based enterprise multilingual single sign-on solution. A security vulnerability exists in Apereo CAS versions prior to 1.6.0 that stems from allowing PHP applications to easily authenticate users through the Central Authentication Service CAS...
Rocket.Chat 授权问题漏洞
Rocket.Chat is a popular, highly customizable chat platform developed on JavaScript. Rocket.Chat suffers from a security vulnerability when using cas for login, which can be exploited by remote attackers to submit a special request that can bypass two-factor authentication and gain unauthorized...
PT-2022-22655 · Unknown · Rocket.Chat
Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions prior to 5 Rocket.Chat versions prior to 4.8.2 Rocket.Chat versions prior to 4.7.5 Description: A improper authentication issue exists that allows two-factor authentication to be bypassed when the server is configured to...
CVE-2020-13805
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures...
UBUNTU-CVE-2014-4172
A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allow remote attackers to inject arbitrary web script or HTML via the 1 service...
CVE-2012-1105
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner...
Information disclosure
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner...
CVE-2012-1105
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner...
CVE-2018-13257
The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service CAS service ticket validation, enabling a phishing attack from the CAS server login page...
Fedora 28 : mediawiki (2018-e022ecbc52)
https://www.mediawiki.org/wiki/Releasenotes/1.29MediaWiki1.29.3 - T169545, CVE-2018-0503 SECURITY: $wgRateLimits entry for 'user' overrides 'newbie'. - T194605, CVE-2018-0505 SECURITY: BotPasswords can bypass CentralAuth's account lock. - T180551 Fix LanguageSrTest for language converter - T18055...
[SECURITY] Fedora 29 Update: php-pear-CAS-1.3.6-1.fc29
This package is a PEAR library for using a Central Authentication Service. Autoloader '%pearphpdir/CAS/Autoload.php';...