83 matches found

Redos
added 2026/06/05 12:0 a.m. | 2 views

ROS-20260605-73-0026

The vulnerability in Tomcat10 is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

9.1 CVSS | 7.7 AI score | 0.00095 EPSS
Exploits: 0

Positive Technologies
added 2026/02/27 12:0 a.m. | 4 views

PT-2026-22266

Name of the Vulnerable Software and Affected Versions: Systems utilizing WebSocket endpoints for the Open Charge Point Protocol (OCPP) (affected versions not specified). Description: WebSocket endpoints lack proper authentication mechanisms, allowing attackers to perform unauthorized station impersonati...

9.8 CVSS | 6 AI score | 0.00197 EPSS
Exploits: 0 | References: 12

Cvelist
added 2026/02/24 2:59 p.m. | 18 views

CVE-2026-27584 ActualBudget server is Missing Authentication for SimpleFIN and Pluggy AI bank sync endpoints

Actual is a local-first personal finance tool. Prior to version 26.2.1, missing authentication middleware in the ActualBudget server component allows any unauthenticated user to query the SimpleFIN and Pluggy.ai integration endpoints and read sensitive bank account balance and transaction...

9.2 CVSS | 0.00171 EPSS
Exploits: 1 | References: 2

CNNVD
added 2025/11/24 12:0 a.m. | 1 view

AMD Xilinx Run Time security vulnerability

AMD Xilinx Run Time is a standardized runtime environment developed by AMD for Xilinx FPGAs that provides a unified software interface to optimize FPGA arithmetic. An elevation of privilege vulnerability exists in AMD Xilinx Run Time that stems from insufficient authentication and can be exploite...

5.7 CVSS | 7.2 AI score | 0.00013 EPSS
Exploits: 0 | References: 1

NVD
added 2025/11/04 5:16 p.m. | 4 views

CVE-2025-61956

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control (ATC) and pilots...

10 CVSS | 0.00147 EPSS
Exploits: 0 | References: 2

BDU FSTEC
added 2025/08/08 12:0 a.m. | 2 views

The vulnerability in the management of FortiOS operating systems and FortiProxy proxy servers, related to authentication procedures that lack sufficient protection, allows attackers to bypass existing security restrictions and gain access to the system.

The vulnerability in the management of FortiOS operating systems and FortiProxy proxy servers for protecting against Internet attacks is related to authentication procedures’ deficiencies. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain...

9 CVSS | 5.5 AI score | 0.00134 EPSS
Exploits: 0 | References: 3 | Affected Software: 2

BDU FSTEC
added 2025/07/21 12:0 a.m. | 1 view

The vulnerability of Juniper Networks Junos OS web server allows a hacker to gain access to device command interfaces.

The vulnerability of Juniper Networks Junos OS web servers is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow a malicious actor to gain access to device command interfaces remotely...

6.5 CVSS | 5.4 AI score | 0.00231 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/07/17 12:0 a.m. | 2 views

The vulnerability of the Unified Audit component of the Oracle Database Server system allows a perpetrator to gain access to read, modify, and delete information.

The vulnerability of the Unified Audit component of the Oracle Database Server management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain access to read, modify, and delete data...

4 CVSS | 7.2 AI score | 0.00181 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/07/13 12:0 a.m. | 1 view

The vulnerability of the ColdFusion software platform, related to deficiencies in the authentication process, allows attackers to circumvent security restrictions.

The vulnerability of the ColdFusion software platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

8.5 CVSS | 5.4 AI score | 0.00169 EPSS
Exploits: 0 | References: 2

BDU FSTEC
added 2025/07/11 12:0 a.m. | 1 view

The vulnerability of the system administration program Sudo, related to deficiencies in authentication mechanisms, allows attackers to escalate their privileges.

The vulnerability of the system administration program Sudo is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow attackers to increase their privileges...

2.8 CVSS | 6.8 AI score | 0.30014 EPSS
Exploits: 12 | References: 20 | Affected Software: 11

BDU FSTEC
added 2025/07/02 12:0 a.m. | 1 view

The vulnerability of the Blitz Identity Provider software, related to deficiencies in the authentication process, allows a perpetrator to change the email address of a user’s account.

The vulnerability of the Blitz Identity Provider software is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to change the email address of a user’s account remotely...

7.6 CVSS | 5.5 AI score
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/06/25 12:0 a.m. | 3 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from deficiencies in the authentication process, which allows unauthorized users to gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information by...

3.1 CVSS | 5.6 AI score | 0.00055 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/05/14 12:0 a.m. | 1 view

The vulnerability of the ColdFusion software platform, related to deficiencies in the authentication mechanism, allows attackers to circumvent existing security restrictions and execute arbitrary code.

The vulnerability of the ColdFusion software platform is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute arbitrary code...

9 CVSS | 5.8 AI score | 0.03578 EPSS
Exploits: 0 | References: 3

BDU FSTEC
added 2025/04/30 12:0 a.m. | 1 view

The vulnerability of the virtual learning environment web service Moodle allows a perpetrator to gain unauthorized access to user data.

The vulnerability of the Moodle virtual learning environment’s web service is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to user data...

4.3 CVSS | 5.5 AI score | 0.00096 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/04/30 12:0 a.m. | 2 views

The vulnerability of the Multi-Factor Authentication component in the virtual learning environment Moodle allows a perpetrator to gain unauthorized access to protected information or execute arbitrary code.

The vulnerability of the Multi-Factor Authentication component in the virtual learning environment Moodle is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information or execute arbitrary...

4.3 CVSS | 5.8 AI score | 0.00149 EPSS
Exploits: 0 | References: 4 | Affected Software: 2

BDU FSTEC
added 2025/04/23 12:0 a.m. | 1 view

The vulnerability of the SAP Solution Manager platform, related to deficiencies in the authentication process, allows a perpetrator to compromise the confidentiality of protected information.

The vulnerability of the SAP Solution Manager platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow attackers to compromise the confidentiality of the protected information...

4.4 CVSS | 5.5 AI score | 0.00067 EPSS
Exploits: 0 | References: 3

BDU FSTEC
added 2025/04/07 12:0 a.m. | 1 view

The vulnerability of the Jenkins automation server, related to deficiencies in authentication procedures, allows attackers to escalate their privileges and gain unauthorized access to protected information.

The vulnerability of the Jenkins automation server is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain unauthorized access to protected information...

4.3 CVSS | 6.4 AI score | 0.00192 EPSS
Exploits: 0 | References: 3 | Affected Software: 2

BDU FSTEC
added 2025/02/10 12:0 a.m. | 2 views

The vulnerability of the Cash Management component of the PeopleSoft Enterprise FIN Cash Management software allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Cash Management component of the PeopleSoft Enterprise FIN Cash Management software lies in the lack of authentication mechanisms. Exploiting this vulnerability allows an attacker to manipulate the confidentiality and integrity of the protected information through HTTP...

5.5 CVSS | 7.7 AI score | 0.00209 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/02/06 12:0 a.m. | 1 view

The vulnerability of the software for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition (ME) devices lies in the lack of authentication procedures. This allows attackers to escalate their privileges and execute arbitrary code.

The vulnerability of the software for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition industrial devices is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.4 CVSS | 5.8 AI score | 0.00059 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2025/01/27 12:0 a.m. | 1 view

The vulnerability of the software used for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP lies in the lack of authentication procedures. This allows attackers to increase their privileges.

The vulnerabilities of the software used for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP are related to deficiencies in the authentication process. Exploiting these vulnerabilities can allow attackers, operating remotely, to increase the...

9.9 CVSS | 8.1 AI score | 0.00216 EPSS
Exploits: 0 | References: 2 | Affected Software: 2