2078 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-29663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue ...
Linux Distros Unpatched Vulnerability : CVE-2021-39945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in the GitLab CE/EE API affecting all versions starting from 9.4 before 14.3.6, all versions starting from 14.4 before 14.4.4, all...
Linux Distros Unpatched Vulnerability : CVE-2019-19270
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in tlsverifycrl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry checking twice for subject, rather...
Linux Distros Unpatched Vulnerability : CVE-2020-13302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Under certain conditions GitLab was not properly revoking user sessions and...
Linux Distros Unpatched Vulnerability : CVE-2018-8019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked clie...
Linux Distros Unpatched Vulnerability : CVE-2020-13230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account e.g., permission to view logs...
traQ Allows Insertion of Sensitive Information into Log File
Impact A vulnerability exists where sensitive information, such as OAuth tokens, is recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an SQL error by methods such as placing a high load on the database. This could allow an...
Linux Distros Unpatched Vulnerability : CVE-2018-1000211
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access token...
Linux Distros Unpatched Vulnerability : CVE-2020-13299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could...
Linux Distros Unpatched Vulnerability : CVE-2023-5255
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked. CVE-2023-5255 Note that...
Malicious code in vc-revocation-list-2020-context (npm)
The package vc-revocation-list-2020-context was found to contain malicious code...
MAL-2025-38166 Malicious code in vc-revocation-list-2020-context (npm)
The package vc-revocation-list-2020-context was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2024-51491
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during...
Linux Distros Unpatched Vulnerability : CVE-2024-56138
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during...
Linux Distros Unpatched Vulnerability : CVE-2017-7374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service NULL pointer dereference or possibl...
Linux Distros Unpatched Vulnerability : CVE-2022-40617
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity and intermediate CA...
Linux Distros Unpatched Vulnerability : CVE-2020-26957
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate...
Linux Distros Unpatched Vulnerability : CVE-2020-36425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CR...
Building a Robust OAuth Token Based API Security: a High Level Overview
APIs Application Programming Interfaces or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and scalable solutions for secure authentication and authorization...
CVE-2025-4754 Missing Session Revocation on Logout in ash_authentication_phoenix
Insufficient Session Expiration vulnerability in ash-project ashauthenticationphoenix allows Session Hijacking. This vulnerability is associated with program files lib/ashauthenticationphoenix/controller.ex. This issue affects ashauthenticationphoenix until 2.10.0...