36 matches found
D-Link G416 Security Vulnerability
D-Link G416 is the AX1500 4G+ Smart Router launched by AUO in June 2025, which supports Wi-Fi 6, AI Smart Optimization and 4G LTE Cat 6 network with up to 300Mbps internet speed. The D-Link G416 suffers from a buffer overflow vulnerability, which stems from a stack-based buffer overflow remote...
PT-2024-21067 · Delinea · Delinea Pam Secret Server
Name of the Vulnerable Software and Affected Versions: Delinea PAM Secret Server version 11.4 Description: User enumeration can occur in the Authentication REST API, allowing a remote attacker to determine whether a user is valid due to a difference in responses from the "/oauth2/token" endpoint...
CVE-2020-11711
An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin panel. The resulting file is rendered on the authentication interface of the admin panel. It is possibl...
MoveIT Cross-Site Scripting Vulnerability
MoveIT is a state-of-the-art software for robotic arm movement operations from MoveIT. A cross-site scripting (XSS) vulnerability exists in MoveIT v1.1.11 via the API authentication feature...
CVE-2023-21494
Potential buffer overflow vulnerability in auth api in mmAuthentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access...
SAMSUNG Mobile devices Security Vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices prior to SMR May-2023 Release 1 in the auth api in mmAuthentication.c in the...
PT-2023-18248 · Unknown · Shannon Baseband
Name of the Vulnerable Software and Affected Versions: Shannon baseband versions prior to SMR May-2023 Release 1 Description: The issue is related to a potential buffer overflow vulnerability in the auth API, specifically in the mmAuthentication.c file. This could allow remote attackers to cause...
CVE-2022-45931
A SQL injection issue was discovered in AAA in OpenDaylight ODL before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/UserStore.java deleteUser function is affected when the API interface /auth/v1/users/ is used...
CVE-2021-43163
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the checkNet function in /cgi-bin/luci/api/auth...
PT-2022-12705 · Emq · Emq X Dashboard
Name of the Vulnerable Software and Affected Versions: EMQ X Dashboard version 3.0.0 Description: The issue concerns username enumeration in the "/api/v3/auth" interface. When a user logs in, the application returns different results depending on whether the account is correct, allowing an attack...
CVE-2021-28500
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA APIs by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration...
CVE-2019-15069
CVE-2019-15069 affects Smart Battery A4 via an unsafe authentication interface in firmware versions up to r1.7.9. An attacker can bypass authentication and obtain web page management privileges without modifying device files. The CVE is corroborated by multiple sources in the connected set (NVD e...
CVE-2019-15069 An unsafe authentication interface was discovered in Smart Battery A4
An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version <= r1.7.9. An attacker can bypass authentication without modifying device files and gain web page management privilege...
Tongda OA System /interface/auth.php SQL Injection Vulnerability
No description provided by source...
Live off the mobile phone client xss comfortably into the background-bug warning-the black bar safety net
Brief description: Live off the mobile phone client side XSS comfortably, you can log in the background Detailed description: 0x00 keywords code area Live off to find room Android App, user feedback, comfortably, the storage-type XSS, the'" 0x02 process User feedback directly inserted into the !...