
526 matches found

Positive Technologies
added 2024/01/09 12:0 a.m. · 2 views

PT-2024-1375

Name of the Vulnerable Software and Affected Versions: linux-pam versions prior to 1.6.0 Description: The issue is related to the protect_dir function in the pam_namespace module of Linux-PAM, which is associated with incorrect resource cleanup or release. This can allow a remote attacker to cause ...

5.5 CVSS · 7 AI score · 0.00459 EPSS
Exploits 1 · References 82
Fedora
added 2024/01/08 1:34 a.m. · 41 views

[SECURITY] Fedora 38 Update: python-aiohttp-3.9.1-1.fc38

Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webservers with middlewares and pluggable routing...

7.2 CVSS · 6.3 AI score · 0.0094 EPSS
Exploits 2
Positive Technologies
added 2023/12/07 12:0 a.m. · 4 views

PT-2023-9635 · Oracle +4 · Mysql Server +3

Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 8.0.37 and prior Description: The issue is related to the Server: Pluggable Auth component of Oracle MySQL Server. It allows a high privileged attacker with network access via multiple protocols to compromise the...

6.8 CVSS · 5.2 AI score · 0.01107 EPSS
Exploits 0 · References 124
OpenVAS
added 2023/12/07 12:0 a.m. · 20 views

Fedora: Security Advisory for python-aiohttp (FEDORA-2023-bc1f081ca0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS · 7.7 AI score · 0.0085 EPSS
Exploits 1 · References 2
SUSE CVE
added 2023/10/31 2:29 a.m. · 1 views

SUSE CVE-2020-14553

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MyS...

4.3 CVSS · 5.4 AI score · 0.01879 EPSS
Exploits 0 · References 2
Packet Storm
added 2023/10/26 12:0 a.m. · 456 views

Oracle 19c / 21c Sharding Component Password Hash Exposure

Title: CVE-2023-22074 – Oracle database password hash exposure in sharding component Product: Database Manufacturer: Oracle Affected Versions: 19c,21c 19.3-19.20 and 21.3-21.11 Tested Versions: 19c Risk Level: Low Solution Status: Fixed CVE Reference: CVE-2023-22074 Base Score: 2.4 Author of...

2.4 CVSS · 7.1 AI score · 0.00887 EPSS
Exploits 2
OSV
added 2023/08/30 6:15 p.m. · 0 views

UBUNTU-CVE-2023-40184

xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The auth_start_session function can return non-zero (1) value on, e.g., PAM error which may result in session...

6.5 CVSS · 5.8 AI score · 0.00728 EPSS
Exploits 0 · References 7
Fedora
added 2023/08/17 12:34 a.m. · 31 views

[SECURITY] Fedora 37 Update: python-aiohttp-3.8.5-1.fc37

Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webservers with middlewares and pluggable routing...

7.5 CVSS · 8 AI score · 0.03467 EPSS
Exploits 1
Tenable Nessus
added 2023/08/15 12:0 a.m. · 88 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : MySQL vulnerabilities (USN-6288-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6288-1 advisory. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has...

5.9 CVSS · 6.9 AI score · 0.01594 EPSS
Exploits 0 · References 12
Fedora
added 2023/08/07 1:27 a.m. · 45 views

[SECURITY] Fedora 38 Update: python-aiohttp-3.8.5-1.fc38

Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webservers with middlewares and pluggable routing...

7.5 CVSS · 5.3 AI score · 0.03467 EPSS
Exploits 1
Microsoft CVE
added 2023/07/26 7:0 a.m. · 1 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).

...

3.1 CVSS · 6.3 AI score · 0.00835 EPSS
Exploits 0
BDU FSTEC
added 2023/07/20 12:0 a.m. · 3 views

Vulnerability of the Server:Pluggable Auth component of the Oracle MySQL Server database management system, which allows attackers to gain unauthorized access to confidential information

The vulnerability of the Server:Pluggable Auth component of the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to confidential information usin...

3.1 CVSS · 6.2 AI score · 0.00835 EPSS
Exploits 0 · References 3 · Affected Software 1
OSV
added 2023/07/19 12:0 a.m. · 0 views

UBUNTU-CVE-2022-2127

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manage...

5.9 CVSS · 6.8 AI score · 0.0153 EPSS
Exploits 0 · References 4
OSV
added 2023/07/18 9:15 p.m. · 2 views

AZL-27465 CVE-2023-22048 affecting package mysql for versions less than 8.0.34-1

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

3.1 CVSS · 6.2 AI score · 0.00835 EPSS
Exploits 0 · References 1
OSV
added 2023/07/18 9:15 p.m. · 2 views

UBUNTU-CVE-2023-22048

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

3.1 CVSS · 6.3 AI score · 0.00835 EPSS
Exploits 0 · References 4
CVE
added 2023/07/18 8:18 p.m. · 148 views

CVE-2023-22048

CVE-2023-22048 is a MySQL Server vulnerability in the Server: Pluggable Auth component. Affected versions are 8.0.33 and earlier. It requires network access with a low-privilege attacker and can lead to unauthorized read access to a subset of MySQL data; CVSS 3.1 Base Score is 3.1 (Low). The conn...

3.1 CVSS · 3.6 AI score · 0.00835 EPSS
Exploits 0 · References 5 · Affected Software 1
Positive Technologies
added 2023/07/18 12:0 a.m. · 6 views

PT-2023-3655 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.33 and prior Description: The issue is related to insufficient input validation in the Server: Pluggable Auth component of Oracle MySQL Server, allowing a low-privileged attacker with network access via multiple...

9.8 CVSS · 4.9 AI score · 0.78483 EPSS
Exploits 10 · References 637
IBM Security Bulletins
added 2023/04/26 1:15 p.m. · 10 views

Security Bulletin: CWE – 307: Inadequate Account Lockout may affect IBM CICS TX Standard

Summary CWE - 307 may affect IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CWE. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM CICS TX Standard| 11.1...

7.1 AI score
Exploits 0 · Affected Software 1
Fedora
added 2023/03/30 1:21 a.m. · 33 views

[SECURITY] Fedora 37 Update: python-markdown-it-py-2.2.0-1.fc37

Markdown parser done right. Its features: Follows the CommonMark spec for baseline parsing. Has configurable syntax: you can add new rules and even replace existing ones. Pluggable: Adds syntax extensions to extend the parser. High speed & safe by default...

5.5 CVSS · 4.7 AI score · 0.00225 EPSS
Exploits 0
Fedora
added 2023/03/30 12:22 a.m. · 20 views

[SECURITY] Fedora 38 Update: python-markdown-it-py-2.2.0-1.fc38

Markdown parser done right. Its features: Follows the CommonMark spec for baseline parsing. Has configurable syntax: you can add new rules and even replace existing ones. Pluggable: Adds syntax extensions to extend the parser. High speed & safe by default...

5.5 CVSS · 4.7 AI score · 0.00225 EPSS
Exploits 0