katello-headpin is vulnerable to CSRF in REST API...
openstack-utils openstack-db has insecure password creation...
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an...
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS...
A vulnerability was found in keycloak 7.x: when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), user authentication succeeds even if an invalid password has been entered....
CVE-2019-13456 WPA3 Dragonblood Vulnerability. Information leak in FreeRADIUS' EAP-pwd due to aborting when needing more than 10 iterations....
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees...