419 matches found
CVE-2026-0393
The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...
PT-2026-42450
Name of the Vulnerable Software and Affected Versions CODESYS Visualization affected versions not specified Description Insufficient isolation of authentication data may cause the remote exposure of credentials between low privileged visualization users during concurrent login operations. This...
Astra Linux - уязвимость в mongo-c-driver
Some MongoDB drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. These published events may contain security-sensitive data when specific authentication-related commands are executed. Without proper care, an application...
Improper Verification of Cryptographic Signature in com.oviva.telematik:epa4all-client
Impact An attacker who can MITM the TLS connection between the client and the IDP within the TI network can substitute a forged discovery document. The forged document redirects u ripukidpenc and uripukidpsig to attacker-controlled URLs. The client then encrypts the SMC-B-signed challenge respons...
CLSA-2026-1778778961 curl: Fix of 2 CVEs
CVE-2018-1000120: fix buffer overflow exists in the FTP URL handling - CVE-2018-1000007: fix leak authentication data to third parties in HTTP requests...
curl: Fix of 2 CVEs
CVE-2018-1000120: fix buffer overflow exists in the FTP URL handling - CVE-2018-1000007: fix leak authentication data to third parties in HTTP requests...
CVE-2026-6915
A flaw was found in MongoDB. An authenticated user could exploit an authorization flaw in the user management command. This allows them to make limited changes to authentication-related data associated with another user account. Such modifications could affect how authentication is performed for...
BIT-MONGODB-2026-6915 Flaw in the updateUser Command May Allow Unauthorized Configuration Change
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account...
PT-2026-39161
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account...
Linux Distros Unpatched Vulnerability : CVE-2026-6915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with...
CVE-2026-6915
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account...
CVE-2026-6915 Flaw in the updateUser Command May Allow Unauthorized Configuration Change
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account...
CVE-2026-6915
Technical details (affected product/version, root cause specifics, exploit information) are not publicly provided in the supplied documents. Monitor for updates from official CVE/NVD feeds for additional concrete details.
CVE-2026-6915 Flaw in the updateUser Command May Allow Unauthorized Configuration Change
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account...
CVE-2026-6915
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account...
EUVD-2026-26263
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account...
Flaw in the updateUser Command May Allow Unauthorized Configuration Change
An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account...
MongoDB Server 安全漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from an...
PT-2026-35957
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An authorization flaw in the user management command allows an authenticated user to make limited changes to authentication-related data associated with another...
MongoDB Server -- Multiple vulnerabilities
https://jira.mongodb.org/browse/SERVER-119981 reports: Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. An authorization flaw in the user management command could allow an authenticated user to make limited changes t...