Incorrect Implementation of Authentication Algorithm

Overview Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm. An attacker can gain unauthorized access to another user's account by leveraging a specially crafted email address when switching authentication methods and sending a request to the...

EUVD-2025-199833

Mattermost versions 11.0.x = 11.0.2, 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email...

CVE-2025-59278

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...

EUVD-2025-34271

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...

EUVD-2025-34369

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...

CVE-2025-59278

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...

CVE-2025-59278

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...

CVE-2025-59277

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...

CVE-2025-59275

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally...

PT-2025-42140

Name of the Vulnerable Software and Affected Versions Windows Authentication Methods affected versions not specified Description An issue exists in Windows Authentication Methods where improper validation of input allows a local attacker to gain elevated privileges. Recommendations At the moment,...

EUVD-2011-4036

Malware in sbrugna...

EUVD-2019-4917

Malware in sbrugna...

EUVD-2000-0142

Malware in sbrugna...

EUVD-2006-5624

Malware in sbrugna...

EUVD-2007-1065

Malware in sbrugna...

EUVD-2017-1439

Malware in sbrugna...

EUVD-2025-24035

Malicious code in bioql PyPI...

EUVD-2022-3873

Malicious code in bioql PyPI...

[SECURITY] Fedora 42 Update: curl-8.11.1-6.fc42

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

The vulnerability of the user blocking mechanism of the Vault Enterprise and Vault Community Edition corporate information archiving platforms allows attackers to circumvent existing security restrictions.

The vulnerability of the user blocking mechanism in the Vault Enterprise and Vault Community Edition corporate information archiving platforms is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability allows a malicious actor to circumvent existing security...