2FAuth 安全漏洞

2FAuth is a web application from Bubka Personal Developers for managing two-factor authentication 2FA accounts and generating their security codes. A security vulnerability exists in 2FAuth version v5.5.0 that stems from a group deletion contention condition that could lead to data inconsistencie...

Authentication flaw

A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware...

PT-2021-15381 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.2.0 through 3.9.24 Description: An issue was discovered in the usage of the insecure rand function within the process of generating the 2FA secret. Recommendations: For versions 3.2.0 through 3.9.24, consider updating to a...

Centrally Manage SSH Administrative Access: KeyBox

Centrally Manage SSH Administrative Access KeyBox is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user’s public SSH keys. Key management and administration is based on profiles assigned to...