459 matches found

RedHat Linux
added 2022/04/08 2:2 p.m. | 3 views

Mozilla: Out of bounds write due to unexpected WebAuthN Extensions

The Mozilla Foundation Security Advisory describes this flaw as: If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable cra...

CVSS 8.8 | AI score 7.3 | EPSS 0.02556
Exploits: 1 | References: 6

CNNVD
added 2022/04/05 12:0 a.m. | 4 views

Huawei HarmonyOS authorization issue vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. Huawei HarmonyOS contains an authorization issue vulnerability. Successful exploitation of this vulnerability could result in an availability impact. An attacker could use this vulnerability to bypass Web authentication and gain administrati...

CVSS 9.1 | AI score 5.7 | EPSS 0.00688
Exploits: 0 | References: 4

CNNVD
added 2022/04/05 12:0 a.m. | 4 views

Huawei HarmonyOS authorization issue vulnerability

Huawei HarmonyOS is an operating system from Huawei China. An authorization issue vulnerability exists in the Huawei HarmonyOS device authentication service module. Successful exploitation of this vulnerability could result in compromised confidentiality. An attacker could use this vulnerability ...

CVSS 7.5 | AI score 5.7 | EPSS 0.00725
Exploits: 0 | References: 4

NVD
added 2022/03/28 1:15 p.m. | 23 views

CVE-2022-0342

An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware...

CVSS 9.8 | EPSS 0.84839
Exploits: 0 | References: 1

CNNVD
added 2022/03/28 12:0 a.m. | 3 views

Zyxel USG/ZyWALL authorization issue vulnerability

Zyxel USG/ZyWALL is a firewall from Zyxel China. A security vulnerability exists in Zyxel USG/ZyWALL version 4.20 to 4.70, USG FLEX version 4.50 to 5.20, ATP version 4.32 to 5.20, VPN version 4.30 to 5.20, and NSG version 1.20 to 1.33 Patch 4, which can be exploited by an attacker to bypass web...

CVSS 9.8 | AI score 8.6 | EPSS 0.84839
Exploits: 0 | References: 3

CISA KEV Catalog
added 2022/03/25 12:0 a.m. | 16 views

Juniper Junos OS Path Traversal Vulnerability

A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution...

CVSS 9.8 | AI score 5.3 | EPSS 0.04725
In wild | Exploits: 0

Atlassian
added 2022/03/23 12:59 a.m. | 49 views

Authentication Bypass in Jira Seraph - CVE-2022-0540

Updates 2022/05/05 11:30 AM PDT: Updated the List of affected Atlassian Marketplace Apps section to note the following apps have non-vulnerable updates available: Secure Code Warrior® for Jira, Simple Tasklists, Simple Team Pages for Jira, UiPath Test Manager for Jira, Xporter - Export issues from...

CVSS 9.8 | AI score 2.6 | EPSS 0.88333
Exploits: 2

BDU FSTEC
added 2022/02/16 12:0 a.m. | 4 views

Vulnerability in the web authentication function of the SolarWinds Serv-U File Server that allows an attacker to escalate their privileges

The vulnerability in the web authentication function of the SolarWinds Serv-U File Server exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to escalate their privileges remotely...

CVSS 5 | AI score 7.2 | EPSS 0.03359
Exploits: 0 | References: 4 | Affected Software: 1

RedHat Linux
added 2022/02/07 1:55 p.m. | 57 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.5.1 security update on RHEL 7

New Red Hat Single Sign-On 7.5.1 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 9.8 | AI score 7.5 | EPSS 0.81147
Exploits: 10 | References: 8

Tenable Nessus
added 2022/02/07 12:0 a.m. | 15 views

Siemens SICAM MMU, SICAM T, and SICAM SGU Missing Authentication For Critical Function (CVE-2020-10044)

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with access to the network could be able to install specially crafted firmware to the device. This plugin only works with Tenable.ot. Please visit...

CVSS 7.5 | AI score 7.2 | EPSS 0.00826
Exploits: 0 | References: 3

CVE
added 2022/01/25 7:45 p.m. | 63 views

CVE-2021-41598

GitHub Enterprise Server vulnerability CVE-2021-41598 is a UI misrepresentation flaw in the GitHub App authorization flow. It can cause more permissions to be granted than the user sees during approval, specifically if the user later updates the repositories an app is installed on after additiona...

CVSS 8.8 | AI score 8.8 | EPSS 0.01152
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2021/12/23 1:15 a.m. | 1 view

DEBIAN-CVE-2021-38022

Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 6.5 | AI score 7.2 | EPSS 0.00856
Exploits: 0 | References: 1

OSV
added 2021/12/23 1:15 a.m. | 2 views

UBUNTU-CVE-2021-38022

Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 6.5 | AI score 7 | EPSS 0.00856
Exploits: 0 | References: 4

CNNVD
added 2021/11/15 12:0 a.m. | 6 views

Lantronix PremierWave 2050 OS command injection vulnerability

The Lantronix PremierWave 2050 is an embedded enterprise Wi-Fi module from Lantronix, Inc. The Lantronix PremierWave 2050 version 8.9.0.0R4 is vulnerable to an OS command injection vulnerability caused by a problem with system authentication for HTTP requests. An attacker could exploit the...

CVSS 9.1 | AI score 6 | EPSS 0.03886
Exploits: 1 | References: 3

RedHat Linux
added 2021/09/14 12:35 p.m. | 10 views

keycloak: Anyone can register a new device when there is no device registered for passwordless login

A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less login flow...

CVSS 7.5 | AI score 5.8 | EPSS 0.0091
Exploits: 0 | References: 4

CNNVD
added 2021/09/07 12:0 a.m. | 4 views

Nextcloud log information disclosure vulnerability

An information disclosure vulnerability exists in Nextcloud Server, an open source, powerful cloud storage network drive project. An attacker could use this vulnerability to bypass two-factor authentication in Nextcloud, and an attacker who knows the password or has access to the WebAuthN trusted...

CVSS 5.5 | AI score 5.7 | EPSS 0.00231
Exploits: 0 | References: 7

Kitploit
added 2021/08/15 9:30 p.m. | 75 views

Raider - Web Authentication Testing Framework

This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticated tests, they don't provide features to test the authentication process itself, i.e. manipulating the relevant input fields to identify broken authentication...

AI score 7.7
Exploits: 0 | References: 1

OSV
added 2021/08/11 5:15 p.m. | 2 views

CVE-2021-3047

A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to the Palo Alto Networks PAN-OS web interface. This enables an authenticated attacker, with the capability to observe their own authentication secrets over a long duration on the PAN-OS appliance, to...

CVSS 3.1 | AI score 5.8 | EPSS 0.00452
Exploits: 0 | References: 1

BDU FSTEC
added 2021/07/13 12:0 a.m. | 5 views

Vulnerability in the authentication mechanism of the Keycloak identity and access management software that allows attackers to gain unauthorized access to protected information

The vulnerability in the Keycloak identity and access management software stems from shortcomings in its WebAuthn authentication mechanism. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to protected information...

CVSS 7.6 | AI score 7.2 | EPSS 0.0091
Exploits: 0 | References: 3 | Affected Software: 2

Node.js
added 2021/07/02 7:21 p.m. | 82 views

Improper Authentication

Overview: The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction, including verifying that the serverAccountID has signed the transaction. The function does not verify that the server ha...

CVSS 4 | AI score 2 | EPSS 0.00514
Exploits: 0 | Affected Software: 1