26 matches found
aiohttp: DigestAuthMiddleware Applies Credentials to Cross-Origin Redirect Challenges
Summary DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. Impact If the client follows a redirect the default option to an attacker controlled domain, the attacker may be able to extract the auth digest. This likely requires an open redirect...
Linux Distros Unpatched Vulnerability : CVE-2026-40892
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in...
ALPINE-CVE-2026-40892
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
CVE-2026-40892
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
CVE-2026-40892 PJSIP: Stack buffer overflow in pjsip_auth_create_digest2()
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
EUVD-2026-24469
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
CVE-2026-40892
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
EUVD-2022-29587
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-24754
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer...
CVE-2018-16153
An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...
Opencast Security Vulnerabilities
Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. A security vulnerability exists in Opencast versions 4.x through 10.x prior to 10.6, which originates from sending system digest credentials during an...
CVE-2018-16153
An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...
CVE-2018-16153
CVE-2018-16153 affects Opencast 4.x–10.x prior to 10.6, where authentication attempts to external services may transmit system digest credentials. The issue arises when Opencast sends credentials during authentication against arbitrary external services inside some workflows, potentially exposing...
Buffer Overflow
PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...
ALPINE-CVE-2022-24754
PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...
CVE-2022-24754
PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...
UBUNTU-CVE-2022-24754
PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...
CVE-2022-24754
PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...
CVE-2022-24754 Buffer overflow in pjsip
PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...
CVE-2022-24754 Buffer overflow in pjsip
PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...