16 matches found
CVE-2026-45229 Quark Drive (quark-auto-save) < 0.8.5 Mass Assignment via POST /update
Quark Drive before 0.8.5 contains a mass assignment vulnerability in the POST /update endpoint that allows authenticated attackers to overwrite administrator credentials by posting an arbitrary webui object to the configdata dictionary. Attackers can exploit insufficient deny-list filtering to...
CVE-2026-4272
Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows Authentication Abuse. This issue affects Handheld Scanners: from C1 BaseIngenic x1000 before GK000432BAA, from D1 BaseIngenic x1600 before HE000085BAA, from A1/B1 BaseIMX25 before...
Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller
🔓 CVE-2026-3055 - Citrix NetScaler Memory Overread Exploit !...
CVE-2026-0490
SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a specific network request to the trusted endpoint that breaks the authentication, which prevents the legitimate users from accessing the platform. As a result, it has a high impact on the availability but no impact on th...
CVE-2026-0490 Denial of service (DOS) in SAP BusinessObjects BI Platform
SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a specific network request to the trusted endpoint that breaks the authentication, which prevents the legitimate users from accessing the platform. As a result, it has a high impact on the availability but no impact on th...
EUVD-2024-50263
Malicious code in bioql PyPI...
CVE-2024-35277
A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows an attacker to access the configuration of the managed devices by sending...
The vulnerability of the Advanced Payment Management component of the SAP S/4HANA Finance software allows a perpetrator to enhance their privileges.
The vulnerability of the Advanced Payment Management component of the SAP S/4HANA Finance financial management software is related to authentication breaches. Exploiting this vulnerability can allow attackers who operate remotely to enhance their privileges...
Vulnerability of microprogrammed programmable logic controllers MELSEC-F: related to authentication breaches, allowing attackers to circumvent existing security restrictions
The vulnerability of MELSEC-F programmable logic controllers’ microprogramming software is related to authentication breaches. Exploiting this vulnerability allows an attacker, operating remotely, to circumvent existing security restrictions...
Expert Analysis Reveals Cryptographic Weaknesses in Threema Messaging App
A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users' private keys. The seven attacks span three different threat...
Appspace Authorization Issue Vulnerability
Appspace is an application from the US-based Appspace Inc. that provides built-in content strategies to easily implement and execute team communication programs. Appspace version 6.2.4 suffers from an authorization issue vulnerability that stems from being susceptible to authentication mechanism...
Apple iOS Security Vulnerability
Apple iOS is a set of operating systems developed for mobile devices by the American company Apple. A security vulnerability exists in Apple iOS 12, where unauthorized code execution may result in a violation of authentication policies. The following products and versions are affected: iPho...
Exploit for Incorrect Privilege Assignment in Redhat Gluster_Storage
GEVAUDAN Gluster Environment Vulnerable AUthentication Data A...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and availability of protected information
Multiple vulnerabilities in the krb5 package of the Debian GNU/Linux operating system; exploiting these vulnerabilities can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited by malicious individuals who have complete...
SUSE-SU-2015:0709-1 Security update for subversion
Subversion has been updated to fix a security problem: bnc889849: Reveal authentication information through an md5 collision attack on authentication realm CVE-2014-3528 Security Issues: CVE-2014-3528...
[NT] ASP Client Check SQL Injection Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com