6 matches found
EUVD-2022-39799
Malicious code in bioql PyPI...
CVE-2022-37146
The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Login attempts for valid, unlocked users configured to use PlexTrac as their authentication provider ta...
CVE-2022-37146
The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Login attempts for valid, unlocked users configured to use PlexTrac as their authentication provider ta...
Authentication flaw
The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Login attempts for valid, unlocked users configured to use PlexTrac as their authentication provider ta...
CVE-2022-37146
The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Login attempts for valid, unlocked users configured to use PlexTrac as their authentication provider ta...
CVE-2022-37146
PlexTrac platforms prior to version 1.28.0 are affected by an authentication flaw allowing username enumeration. An unauthenticated attacker can distinguish between valid, unlocked PlexTrac users and invalid ones by measuring HTTP login response times, as valid unlocked accounts process requests ...