15 matches found
EUVD-2014-8595
Malware in sbrugna...
EUVD-2007-3185
Malware in sbrugna...
EUVD-2007-2455
Malware in sbrugna...
EUVD-2014-9042
Malware in sbrugna...
EUVD-2010-2944
Malware in sbrugna...
EUVD-2021-8757
Malicious code in bioql PyPI...
CVE-2022-46337
A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk Derby databases. In LDAP-authenticated Derby installations, this could also allow the attacker to execute malware which was...
CVE-2025-27414 MinIO SFTP authentication bypass due to improperly trusted SSH key
MinIO is a high performance object storage. Starting in RELEASE.2024-06-06T09-36-42Z and prior to RELEASE.2025-02-28T09-55-16Z, a bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. On a MinIO server with SFTP...
CVE-2023-4501
User authentication with username and password credentials is ineffective in OpenText Micro Focus Visual COBOL, COBOL Server, Enterprise Developer, and Enterprise Server including product variants such as Enterprise Test Server, versions 7.0 patch updates 19 and 20, 8.0 patch updates 8 and 9, and...
CVE-2020-26214 LDAP authentication bypass in Alerta
In Alerta before version 8.1.0, users may be able to bypass LDAP authentication if they provide an empty password when Alerta server is configure to use LDAP as the authorization provider. Only deployments where LDAP servers are configured to allow unauthenticated authentication mechanism for...
Palo Alto Networks PAN-OS 7.0.0 LDAP Authentication Bypass (PAN-SA-2015-0005)
The remote host is running Palo Alto Networks PAN-OS version 7.0.0. It is, therefore, affected by an unspecified flaw in the LDAP authentication process. A remote attacker can exploit this to bypass authentication checks presented by the captive portal component or the device management interface...
MGASA-2014-0438 Updated dokuwiki packages fix security vulnerabilities
inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call CVE-2014-8761. The ajaxmediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access...
SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 6535)
Multiple security vulnerabilities have been fixed in PostgrSQL - allows remote authenticated users to cause a denial of service. CVE-2009-3229 - allows remote authenticated users to gain higher privileges. CVE-2009-3230 - when using LDAP authentication with anonymous binds, allows remote attacker...
CVE-2007-2462
CVE-2007-2462 affects Cisco ASA and PIX firewalls (ASA/PIX) running 7.2 prior to 7.2(2)8. The vulnerability allows remote attackers to bypass LDAP authentication and gain privileges when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, via unspecified vectors. Connected source...
squid proxy server access control lists protection bypass
If LDAP authentication is used space can be added to username to bypass ACL restrictuions...