Lucene search
K

16 matches found

Vulnrichment
Vulnrichment
added 2026/04/28 5:9 p.m.4 views

CVE-2026-5794 Vulnerability in Cryptobox allows an authenticated user to trigger an account lockout

A vulnerability affecting the detailed versions of Cryptobox allows a legitimate user to prevent another to login by triggering an account lockout via sending a specially crafted request...

7.1CVSS5.2AI score0.00256EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/03 12:0 a.m.4 views

PT-2024-26900 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.2.3 Discourse versions prior to 3.3.0.beta3 Discourse versions prior to 3.3.0.beta4-dev Description: A rogue staff user could suspend other staff users, preventing them from logging in to the site. Recommendation...

6.5CVSS7.2AI score0.00418EPSS
Exploits0References8
NVD
NVD
added 2024/01/31 11:15 a.m.14 views

CVE-2023-50356

SSL connections to some LDAP servers are vulnerable to a man-in-the-middle attack due to improper certificate validation in AREAL Topkapi Vision Server. This allows a remote unauthenticated attacker to gather sensitive information and prevent valid users from login...

6.5CVSS6.3AI score0.00293EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.5 views

SUSE CVE-2010-4341

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

2.1CVSS6.4AI score0.00486EPSS
Exploits0References4
OSV
OSV
added 2022/03/01 9:5 p.m.27 views

GHSA-P93V-M2R2-4387 Denial of service via insufficient metadata validation

The PAM module for fscrypt through v0.3.2 doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from...

5.5CVSS5.4AI score0.0011EPSS
Exploits0References4
OSV
OSV
added 2022/02/25 11:15 a.m.1 views

UBUNTU-CVE-2022-25327

The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the...

5.5CVSS5.8AI score0.0011EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2020/04/04 5:19 a.m.32 views

CVE-2018-1000863

A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into...

8.2CVSS5.3AI score0.06762EPSS
Exploits1References2
NVD
NVD
added 2017/07/21 2:29 p.m.13 views

CVE-2015-3170

selinux-policy when sysctl fs.protectedhardlinks are set to 0 allows local users to cause a denial of service SSH login prevention by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy...

5.5CVSS5.3AI score0.00274EPSS
Exploits0References1
Prion
Prion
added 2017/07/21 2:29 p.m.13 views

Code injection

selinux-policy when sysctl fs.protectedhardlinks are set to 0 allows local users to cause a denial of service SSH login prevention by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy...

2.1CVSS6.8AI score0.00274EPSS
Exploits0References1
CVE
CVE
added 2017/07/21 2:0 p.m.52 views

CVE-2015-3170

CVE-2015-3170 describes a local denial-of-service in SELinux policy handling. The issue lies in the policy when sysctl fs.protected_hardlinks is set to 0, allowing a local user to create a hardlink to /etc/passwd from a directory named .config and then update selinux-policy, which prevents SSH lo...

5.5CVSS5.3AI score0.00274EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2011/07/21 8:4 a.m.41 views

sssd: DoS in sssd PAM responder can prevent logins

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

2.1CVSS5.8AI score0.00486EPSS
Exploits0References4
OSV
OSV
added 2011/01/25 1:0 a.m.4 views

CVE-2010-4341

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

5.8AI score
Exploits0References13
UbuntuCve
UbuntuCve
added 2011/01/25 1:0 a.m.18 views

CVE-2010-4341

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

2.1CVSS5.9AI score0.00486EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2011/01/25 12:0 a.m.20 views

CVE-2010-4341

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

2.1CVSS4.3AI score0.00486EPSS
Exploits0
Atlassian
Atlassian
added 2011/01/10 2:0 a.m.31 views

Lock account after multiple login failure

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-23412. panel For security purposes, it is desirable to have a mechanism to lock an account if the user attempted multiple login unsuccessfull...

7.2AI score
Exploits0Affected Software1
CERT
CERT
added 2007/04/18 12:0 a.m.15 views

Google Reader cross-site request forgery vulnerability

Overview Google Reader is vulnerable to a persistent cross-site request forgery attack that may be exploited by a specially crafted RSS feed. Description Google Reader is an online RSS feed reader. It can display text and images when displaying RSS feeds.Google Reader contains a cross-site reques...

7.2AI score
Exploits0References6
Rows per page
Query Builder