
A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages. SDL versions through 1.2.15 and 2.x through 2.0.9 have a heap-based buffer overflow flaw while copying an existing surface into a new optimized one, due to a lack of validation while loading a BMP image. An application that uses SDL ...

All Samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where, if Samba is set with "log level = 3" (or above), the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process (such as the RP ...

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

A vulnerability was found in Keycloak 7.x where, when the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid, will be accepted.

A vulnerability was found in Keycloak 7.x: when Keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), user authentication succeeds even if an invalid password has been entered.

An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly escape output on error, leading to reflected XSS.

An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly check the goto parameter, leading to an open redirect that leaks the session cookie.

An issue was discovered in PRiSE adAS 1.7.0. Log data are not properly escaped, leading to persistent XSS in the administration panel.

An issue was discovered in PRiSE adAS 1.7.0. The path is not properly escaped in the medatadata_del method, leading to an arbitrary file read and deletion via Directory Traversal.

An issue was discovered in PRiSE adAS 1.7.0. Certificate data are not properly escaped. This leads to XSS when submitting a rogue certificate.



© SecPod Technologies