9 matches found
CVE-2019-10319
A missing permission check in Jenkins PAM Authentication Plugin 1.5 and earlier, except 1.4.1 in PamSecurityRealm.DescriptorImpldoTest allowed users with Overall/Read permission to obtain limited information about the file /etc/shadow and the user Jenkins is running as...
SUSE CVE-2022-21457
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...
mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...
Vulnerability of the Server component: PAM Auth Plugin of the MySQL Server database management system, which allows attackers to gain access to modify, add, or delete data.
The vulnerability of the Server component: the PAM Auth Plugin of the MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain access to modify, add, or delete data...
Vulnerability of the Server component: PAM Auth Plugin of the MySQL Server database management system, which allows attackers to gain unauthorized access to protected information.
The vulnerability of the MySQL Server database management system’s PAM Auth Plugin relates to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information using the FIDO network protocol...
UBUNTU-CVE-2022-21457
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2019-10319
A missing permission check in Jenkins PAM Authentication Plugin 1.5 and earlier, except 1.4.1 in PamSecurityRealm.DescriptorImpldoTest allowed users with Overall/Read permission to obtain limited information about the file /etc/shadow and the user Jenkins is running as...
Information disclosure
A missing permission check in Jenkins PAM Authentication Plugin 1.5 and earlier, except 1.4.1 in PamSecurityRealm.DescriptorImpldoTest allowed users with Overall/Read permission to obtain limited information about the file /etc/shadow and the user Jenkins is running as...
CVE-2019-10319
CVE-2019-10319 affects Jenkins PAM Authentication Plugin (versions 1.5 and earlier, except 1.4.1). The root cause is a missing permission check in PamSecurityRealm.doTest, which allowed users with Overall/Read permission to view limited information about /etc/shadow and the user Jenkins runs as. ...