In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360. (CVSS:0.0) (Last Update:2019-07-16)

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username. (CVSS:0.0) (Last Update:2019-07-16)

A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of sending a SERVFAIL packet. Caching is not affected by this particular bug but see CVE-2019-10191. (CVSS:0.0) (Last Update:2019-07-16)

A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.To exploit this vulnerability, an attacker could run a specially crafted application, which would allow an attacker to launch a password brute-force attack or cause account lockouts in Active Directory.This security update corrects how ADFS handles external authentication requests., aka 'ADFS Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0975. (CVSS:0.0) (Last Update:2019-07-15)

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. (CVSS:0.0) (Last Update:2019-07-15)

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. (CVSS:0.0) (Last Update:2019-07-15)

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'. (CVSS:0.0) (Last Update:2019-07-15)

A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses. To exploit this vulnerability, an attacker would have to convince a victim ADFS administrator to update the list of banned IP addresses. This security update corrects how ADFS updates its list of banned IP addresses., aka 'ADFS Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-1126. (CVSS:0.0) (Last Update:2019-07-15)