5 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of an improper warning level, which can lead to misleading error messages...
CVE-2019-0319
The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not...
FreeBSD : openvpn -- too long a username or password from a client can confuse openvpn servers (47bc292a-d472-11ef-aaab-7d43732cb6f5)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 47bc292a-d472-11ef-aaab-7d43732cb6f5 advisory. Frank Lichtenheld reports: OpenVPN v2.6.13 ... improve server-side handling of clients sending username...
RUSTSEC-2024-0364 gitoxide-core does not neutralize special characters for terminals
Summary The gix and ein commands write pathnames and other metadata literally to terminals, even if they contain characters terminals treat specially, including ANSI escape sequences. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages...
keycloak: Brute force attack is possible even after the account lockout
A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality...