Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login security project vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2013-2198
The Login Security module 6.x-1.x prior to 6.x-1.3 and 7.x-1.x prior to 7.x-1.3 for Drupal allows malicious users to bypass intended restrictions via a crafted username.
Login Security Project Login Security
Login Security Project Login Security 6.x-1.0
Login Security Project Login Security 6.x-1.x
Login Security Project Login Security 7.x-1.x
6.1
CVSSv3
CVE-2021-32618
The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is an independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. All versions of Flask-Security-Too allow redirects aft...
Flask-security Project Flask-security
1 Github repository
6.1
CVSSv3
CVE-2023-49438
An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows malicious users to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes.
Flask-security-too Project Flask-security-too
1 Github repository
7.4
CVSSv3
CVE-2021-21241
The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before ver...
Flask-security-too Project Flask-security-too
4.8
CVSSv3
CVE-2022-25896
This affects the package passport prior to 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed.
Passport Project Passport
5.9
CVSSv3
CVE-2019-10214
The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulne...
Buildah Project Buildah -
Libpod Project Libpod -
Redhat Openshift Container Platform 4.1
Skopeo Project Skopeo -
Redhat Enterprise Linux 8.0
Opensuse Leap 15.1
7.8
CVSSv3
CVE-2018-16743
An issue exists in mgetty prior to 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.
Mgetty Project Mgetty
NA
CVE-2012-2812
The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) prior to 0.6.21 allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an...
Libexif Project Libexif 0.6.14
Libexif Project Libexif 0.6.15
Libexif Project Libexif 0.6.16
Libexif Project Libexif 0.6.18
Libexif Project Libexif 0.6.19
Libexif Project Libexif
NA
CVE-2012-2813
The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) prior to 0.6.21 allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags...
Libexif Project Libexif 0.6.14
Libexif Project Libexif 0.6.15
Libexif Project Libexif 0.6.16
Libexif Project Libexif 0.6.18
Libexif Project Libexif 0.6.19
Libexif Project Libexif
NA
CVE-2012-2836
The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) prior to 0.6.21 allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an i...
Libexif Project Libexif 0.6.14
Libexif Project Libexif 0.6.15
Libexif Project Libexif 0.6.16
Libexif Project Libexif 0.6.18
Libexif Project Libexif 0.6.19
Libexif Project Libexif
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »