49 matches found
[SECURITY] Fedora 44 Update: qt6-qtnetworkauth-6.10.3-1.fc44
Qt6 - NetworkAuth component...
CVE-2024-2378
A vulnerability exists in the web-authentication component of the SDM600. If exploited an attacker could escalate privileges on af-fected installations...
CVE-2025-33185
NVIDIA AIStore contains a vulnerability in AuthN where an unauthenticated user may cause information disclosure. A successful exploit of this vulnerability may lead to information disclosure...
PT-2025-46376
Name of the Vulnerable Software and Affected Versions NVIDIA AIStore affected versions not specified Description NVIDIA AIStore contains a security flaw in the Authentication AuthN component. A successful exploit of this issue may lead to escalation of privileges, information disclosure, and data...
EUVD-2008-2599
Malware in sbrugna...
EUVD-2011-3480
Malware in sbrugna...
EUVD-2008-2270
Malware in sbrugna...
EUVD-2022-48412
Malicious code in bioql PyPI...
EUVD-2023-28590
Malicious code in bioql PyPI...
EUVD-2024-1151
Malicious code in bioql PyPI...
CVE-2024-28056
Amazon AWS Amplify CLI before 12.10.1 incorrectly configures the role trust policy of IAM roles associated with Amplify projects. When the Authentication component is removed from an Amplify project, a Condition property is removed but "Effect":"Allow" remains present, and consequently...
CVE-2022-45546
Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application allows internal attacker to obtain credentials for authentication via network sniffing...
PT-2025-6118 · Code Projects · Code-Projects Vehicle Parking Management System
Name of the Vulnerable Software and Affected Versions: code-projects Vehicle Parking Management System version 1.0 Description: A critical issue was found in the Authentication component, specifically affecting the login function. The manipulation of the username argument leads to a stack-based...
PT-2024-22004 · Unknown · Eskooly Free Online School Management
Name of the Vulnerable Software and Affected Versions: Eskooly Free Online School management Software versions 3.0 and earlier Description: An issue in the User Account Management component of the authentication mechanism allows a remote attacker to escalate privileges. Recommendations: For...
Privilege Escalation
Amazon AWS Amplify CLI is vulnerable to Privilege Escalation. The vulnerability is due to the mishandling of role trust policies when the Authentication component is removed, leaving "Effect":"Allow" in place without conditions, thus exposing sts:AssumeRoleWithWebIdentity to potential misuse...
CVE-2024-28056
CVE-2024-28056 affects Amazon AWS Amplify CLI versions before 12.10.1. The issue arises when the Authentication component is removed from an Amplify project, which leaves the policy in an IAM role with “Effect”: “Allow” but without the Condition, enabling sts:AssumeRoleWithWebIdentity to be usabl...
PT-2024-22240 · Amazon · Amazon Aws Amplify Cli
Name of the Vulnerable Software and Affected Versions: Amazon AWS Amplify CLI versions prior to 12.10.1 Description: The issue arises when the Authentication component is removed from an Amplify project, resulting in the removal of a Condition property but leaving "Effect":"Allow" present. This...
PT-2024-2841 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in the Windows Authentication component of Windows operating systems. It is caused by incorrect link resolution before...
PT-2023-3191 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the Windows Authentication component in Windows operating systems and is associated with inadequate access control. It allows an attacker to elevate their privileges...
CVE-2022-45546
Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application allows internal attacker to obtain credentials for authentication via network sniffing...