6 matches found
PT-2024-40500 · Osv · Osv
Name of the Vulnerable Software and Affected Versions: OSV (affected versions not specified). Description: A security issue has been found where login failures are logged on the default stream with log level "warning", including plain-text user credentials. Recommendations: At the moment, there is n...
UBUNTU-CVE-2023-39325
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
authentik Access Control Error Vulnerability
authentik is an open source identity provisioning application from authentik Open Source. An access control error vulnerability exists in authentik versions prior to 2022.11.2 and 2022.10.2, which stems from the fact that an unauthenticated user can create a new account in authentik using the...
Information Disclosure in User Authentication
It has been discovered that login failures have been logged on the default stream with log level "warning" including plain-text user credentials...
OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...
Vulnerabilities with Windows file default stream
Vulnerabilities with Windows file default stream Severity: major CVE-2010-2263 Not vulnerable: 0.8.40+, 0.7.66+ Vulnerable: nginx/Windows 0.7.52-0.8.39...