CVE-2020-5263

auth0.js NPM package auth0-js greater than version 8.0.0 and before version 9.12.3 has a vulnerability. In the case of an authentication error, the error object returned by the library contains the original request of the user, which may include the plaintext password the user entered. If the err...

CVE-2011-4322

websitebaker prior to and including 2.8.1 has an authentication error in backup module...

TOTOLINK A810R Trust Management Issue Vulnerability

TOTOLINK A810R is a wireless dual-band router from China's Gion Electronics TOTOLINK. A trust management issue vulnerability exists in TOTOLINK A810R version V4.1.2cu.5182B20201026, which stems from the presence of hardcoded passwords in product.ini. An attacker can exploit the vulnerability to...

TOTOLINK A810R 安全漏洞

TOTOLINK A810R is a wireless dual-band router from China's Gion Electronics TOTOLINK. A trust management issue vulnerability exists in TOTOLINK A810R version V4.1.2cu.5182B20201026, which stems from the presence of hardcoded passwords in product.ini. An attacker can exploit the vulnerability to...

NetScaler 13.1 53.24: iOS "Network Timed Out" with Outlook/Teams Authentication

Users encounter a "Network Timed Out" error on their iOS devices when attempting to authenticate specifically with the following applications: Microsoft Outlook iOS Microsoft Teams iOS This authentication failure is isolated to iOS devices; users on Android, Windows, or macOS versions of the same...

CVE-2024-11084

Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists...

CVE-2024-11084 Potential Username Enumeration in Helix ALM

Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists...

CVE-2024-11084

CVE-2024-11084 affects Perforce Helix ALM prior to 2025.1. The issue is that authentication returns distinct error responses, enabling an attacker to determine whether a username exists (username enumeration). The connected sources (RH Red Hat, NVD, CVE Lists, CNNVD) corroborate the same descript...

CVE-2024-11084 Potential Username Enumeration in Helix ALM

Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists...

Perforce ALM 安全漏洞

Perforce ALM Helix ALM is an application lifecycle management software from Perforce. A security vulnerability exists in Perforce ALM versions prior to 2025.1 that stems from a different error response being returned during authentication, which could lead to username enumeration...

Advisory ROSA-SA-2025-2822

Software: pampkcs11 0.6.13 OS: ROSA Virtualization 3.0 packageevrstring: pampkcs11-0.6.13-1.rv30 CVE-ID: CVE-2025-24032 BDU-ID: None CVE-Crit: DATA LOSSES. CVE-DESC.: The PAM-PKCS11 vulnerability allows an attacker to log in to a user account using a token created by the user. CVE-STATUS: The...

CVE-2025-32147

Technical details about CVE-2025-32147 (Easy WP Optimizer) are not provided in the supplied documents; no product version, root cause, impact, or remediation details are documented here. Monitor for updates.

WordPress WP JobHunt plugin wp_ajax_google_api_login_callback function authentication error vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WP JobHunt...

IROAD X5 访问控制错误漏洞

IROAD X5 is a car recorder from IROAD. IROAD X5 suffers from an Access Control Error vulnerability that stems from an authentication error and could lead to a remote attack...

Apache Ozone Authentication Error Vulnerability

Apache Ozone is an application of the US Apache Apache Foundation. A scalable, redundant and distributed object store for Hadoop and cloud-native environments. Apache Ozone version 1.4.0 suffers from an authentication error vulnerability that originates from an authentication error in an HTTP...

LevelOne WBR-6012 输入验证错误漏洞

The LevelOne WBR-6012 is a wireless router from LevelOne. The LevelOne WBR-6012 suffers from an Input Authentication Error vulnerability that originates from a series of incorrectly formatted FTP commands that can lead to a denial of service...

Rockwell Automation ThinManager Authentication Error Vulnerability

Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, Inc. It allows thin clients to be assigned to multiple remote desktop servers simultaneously. Rockwell Automation ThinManager has an authentication error vulnerability that can be exploited by an attack...

SchedMD Slurm 安全漏洞

SchedMD Slurm is an open-source and highly scalable cluster management and job scheduling system for large and small Linux clusters from SchedMD, USA. A security vulnerability exists in SchedMD Slurm versions prior to 24.05.4, which stems from an error in authentication handling and could allow a...

Apache Solr Authentication Error Vulnerability

Apache Solr is the United States Apache Apache Foundation of a search server based on Lucene a full-text search engine. The product supports level search , vertical search , highlighting search results and so on. An authentication error vulnerability exists in Apache Solr that stems from the...

Siemens SENTRON PAC Meter Authentication Error Vulnerability

The SENTRON PAC Meter is a power measurement device for precise energy management and transparent information acquisition. An authentication error vulnerability exists in the Siemens SENTRON PAC Meter, which can be exploited by an attacker to bypass authentication via brute force attack or by...