19 matches found
PT-2026-44546
Name of the Vulnerable Software and Affected Versions: Symfony Webhook Bridges versions prior to 6.4; Symfony Webhook Bridges versions prior to 7.4. Description: The Mailjet mailer bridge and the LOX24 SMS notifier bridge contain webhook request parsers that fail to authenticate event callbacks. The...
Gitlab -- vulnerabilities
GitLab reports: Cross-Site Request Forgery issue in GraphQL API impacts GitLab CE/EE; GitLab Improper Resolution of Path Equivalence issue in Web IDE asset impacts GitLab CE/EE; Cross-site Scripting issue in Storybook impacts GitLab CE/EE; Denial of Service issue in discussions endpoint impacts GitL...
[SECURITY] Fedora 42 Update: munge-0.5.18-1.fc42
MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating and validating credentials. It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to authenticate the UID and GID of another local or remote process within a group of hosts having...
Elastic Kibana Security Vulnerability
Elastic Kibana is a data visualization dashboard application from Elastic. A security vulnerability exists in Elastic Kibana that stems from a failure to adequately validate user-supplied credentials JSON payloads when processing configurations for the Google Gemini connector, which could le...
CVE-2023-49208
scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration...
EUVD-2015-6230
Malware in sbrugna...
ChargePoint Home Flex Trust Management Issue Vulnerability
ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper validation of server-supplied credentials. An attacker exploiting this vulnerability could execute code in a...
PT-2024-38065 · Red Hat · Openshift Console
Name of the Vulnerable Software and Affected Versions: Openshift console affected versions not specified Description: A flaw was found in the Openshift console, specifically in the /API/helm/verify endpoint, which is responsible for fetching and verifying the installation of a Helm chart from a...
Buffer Overflow
glewlwyd:sid is vulnerable to buffer overflow. The vulnerability is due to improper authentication during FIDO2 credentials validation in webauthn registration through scheme/webauthn.c in Glewlwyd SSO server. It allows an attacker to get access, which would lead to buffer overflow...
CVE-2023-49208
scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration...
CVE-2023-49208
scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration...
CVE-2023-49208
scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration...
Cisco StarOS Security Vulnerability
Cisco StarOS is a virtualization operating system from the US company Cisco. Cisco StarOS suffers from an input validation error vulnerability that stems from insufficient validation of user-supplied credentials, which could be exploited by an attacker to allow logging into an affected...
GOautodial Authorization Issue Vulnerability
GOautodial is a next-generation open source omnichannel contact center suite. GOautodial suffers from an authorization issue vulnerability that arises when the API in the software does not properly validate usernames and passwords, allowing callers to specify any value for a parameter and...
SUSE-SU-2020:3250-1 Security update for SUSE Manager 4.0
This security update for SUSE Manager 4.0 provides the following fixes: py26-compat-salt: - Properly validate eauth credentials and tokens on SSH calls made by Salt API (bsc1178319, bsc1178362, bsc1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846) spacewalk-java: - Use correct eauth module an...
SUSE-SU-2020:3155-1 Security update for salt
This update for salt fixes the following issues: - Properly validate eauth credentials and tokens on SSH calls made by Salt API (bsc1178319, bsc1178362, bsc1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846) - Fix disk.blkid to avoid unexpected keyword argument 'pubuser' (bsc1177867) - Ensure...
CVE-2020-7305
Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user credentials...
Error: "An Error Occurred While Making The Requested Connection"
When starting XenDesktop from the Web Interface screen, the following error message might be displayed: “An error occurred while making the requested connection”. Upon examining the broker logs, the following error message is displayed: “The Citrix Broker Service failed to validate a user's...
Host Directory PRO - Cookie Security Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28863/info Host Directory PRO is prone to a security-bypass vulnerability because it fails to properly validate user credentials before performing certain actions. Exploiting this issue may allow an attacker to bypass...