Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-44324
Adobe FrameMaker Publishing Server versions 2022 and previous versions are affected by an Improper Authentication vulnerability that could result in a Security feature bypass. An unauthenticated attacker can abuse this vulnerability to access the API and leak default admin's...
Adobe Framemaker Publishing Server
Adobe Framemaker Publishing Server 2022
NA
CVE-2023-34060
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the applian...
Vmware Cloud Director
1 Article
NA
CVE-2023-4154
A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes...
Samba Samba
NA
CVE-2023-40660
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logo...
Opensc Project Opensc
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
NA
CVE-2023-40661
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and ...
Opensc Project Opensc
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
NA
CVE-2023-42669
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho&...
Samba Samba
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Eus 9.0
Redhat Enterprise Linux For Power Little Endian 9.0 Ppc64le
Redhat Enterprise Linux For Power Little Endian Eus 9.0 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems Eus 9.0 S390x
Redhat Enterprise Linux For Ibm Z Systems 9.0 S390x
NA
CVE-2023-3961
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, whic...
Samba Samba
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux Eus 9.0
Fedoraproject Fedora 39
NA
CVE-2023-4091
A vulnerability exists in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the ...
Samba Samba
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux Eus 9.0
NA
CVE-2023-42670
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes ...
Samba Samba
Fedoraproject Fedora 39
NA
CVE-2023-20264
A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious...
Cisco Adaptive Security Appliance Software
Cisco Firepower Threat Defense 7.2.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »