Linux Distros Unpatched Vulnerability : CVE-2010-2526
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not...
CVE-2024-7079
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser middleware function. Contrary to its name, this...
CVE-2024-7079 Openshift-console: unauthenticated installation of helm charts
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser middleware function. Contrary to its name, this...
Improper Authorization
aries-cloudagent is vulnerable to Improper Authorization. The vulnerability is due to improper verification of credentials when a user presents incorrectly constructed proofs. This allows malicious verifiers to save and replay unauthorized presentations...
OESA-2021-1230 polkit security update
polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. Security Fixes: A flaw was found in polkit. When a requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync...
Credentials Verification Bypass
vp-toolkit is vulnerable to credentials verification bypass. The verifyVerifiablePresentation function verifies the cryptographic integrity of the Verifiable Presentation, but its failure to check whether the credentialSubject.id matches the signer of the VP proof allows the verification to be bypassed...
munge elevation of privilege vulnerability
munge is an authentication service for creating and verifying credentials. An elevation of privilege vulnerability exists in munge that can be exploited by an attacker to elevate privileges to root...
Unauthorized Domain Creation
admin-cli is vulnerable to unauthorized domain creation. The vulnerability is possible because it does not verify the validity of the admin's credentials before creating a domain...
Mango Automation Multiple Vulnerabilities
Mango Automation is prone to multiple vulnerabilities...
CVE-2011-3620
Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username...
Authentication flaw
The WSEE runtime (WS-Security runtime) in BEA WebLogic Server 9.0 and 9.1 does not verify credentials when decrypting client messages, which allows remote attackers to bypass application security...
CVE-2006-2771
admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter...