31 matches found
CVE-2026-47165
ImageMagick CVE-2026-47165 (and CVE-2026-47166) affect versions prior to 6.9.13-48 and 7.1.2-23 where the distributed pixel cache lacked a challenge–response authentication model, enabling local attackers with high privileges to access sensitive pixel data. Additionally, CVE-2026-47166 describes ...
PT-2026-42813
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The distributed pixel cache was originally designed to operate without a challenge-response authentication model, which is a security mechanism where one party...
CVE-2026-42256
Net::IMAP (Ruby) is affected by a Denial of Service when authenticating with SCRAM-SHA1/SCRAM-SHA256 if a hostile server sends a very high iteration count. Affected versions: 0.4.0–0.4.23, 0.5.0–0.5.13, 0.6.0–0.0.6. Wait that seems wrong: fix lists are 0.4.24, 0.5.14, 0.6.4. Corrected: Affected r...
CVE-2026-6665 PgBouncer buffer overflow in SCRAM
The SCRAM code in PgBouncer before 1.25.2 did not check the return value of strlcat correctly when building the contents of the SCRAM client-final-message. A malicious backend that sends a SCRAM server-final-message with a long nonce can trigger a stack overflow...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.0.1)
The version of AHV installed on the remote host is prior to AHV-10.0.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.0.1 advisory. - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Respons...
CVE-2026-27855
Dovecot OTP authentication is vulnerable to replay attack under specific conditions. If auth cache is enabled, and username is altered in passdb, then OTP credentials can be cached so that same OTP reply is valid. An attacker able to observe an OTP exchange is able to log in as the user. If...
CVE-2026-27855
Dovecot OTP authentication is vulnerable to replay attack under specific conditions. If auth cache is enabled, and username is altered in passdb, then OTP credentials can be cached so that same OTP reply is valid. An attacker able to observe an OTP exchange is able to log in as the user. If...
EUVD-2014-7872
Malware in sbrugna...
EUVD-2007-2238
Malware in sbrugna...
CVE-2025-47949
Summary: samlify (Node.js SAML library) has a Signature Wrapping vulnerability in versions prior to 2.10.0, enabling an attacker to forge a SAML Response to impersonate any user. An attacker would need a signed XML document from the identity provider. Fix/mitigation: Upgrade to version 2.10.0 or ...
The vulnerability of the Salted Challenge Response Authentication Mechanism (SCRAM) in Apache Kafka message dispatchers allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the Salted Challenge Response Authentication Mechanism SCRAM in Apache Kafka message brokers stems from the lack of verification of unique message IDs between the client and the server. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and...
CVE-2022-33968
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read...
Emerson DeltaV Distributed Control System 加密问题漏洞
Emerson DeltaV Distributed Control System is an automated distributed control system from Emerson. The system includes functions such as network security management, alarm management, batch control, and change management. The Emerson DeltaV Distributed Control System is vulnerable to a...
Undocumented Backdoor Account in DBLTek GoIP
Trustwave recently reported a remotely exploitable issue in the Telnet administrative interface of numerous DblTek branded devices. The issue permits a remote attacker to gain a shell with root privileges on the affected device due to a vendor backdoor in the authentication procedure. The Telnet...
CVE-2002-0639
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication ChallengeResponseAuthentication when OpenSSH is using SKEY or BSDAUTH authentication...
Authentication flaw
Cisco Adaptive Security Appliance ASA Software 9.2.3 and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID...
CVE-2014-8023
Cisco Adaptive Security Appliance ASA Software 9.2.3 and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID...
OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
The host is running OpenSSH sshd with ChallengeResponseAuthentication enabled and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsshdchallengerespauthenticationbofvuln.nasl 7015 2017-08-28 11:51:24Z teissa $ OpenSSH 'sshd' Challenge Response Authentication Buffer...
OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
OpenSSH sshd with ChallengeResponseAuthentication enabled is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
SuSE9 Security Update : imap (YOU Patch Number 9885)
This update fixes a logical error in the challenge response authentication mechanism CRAM-MD5. Due to this mistake a remote attacker can gain access to the IMAP server as arbitrary user. CVE-2005-0198 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C...