CVE-2026-4114

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication...

EUVD-2026-11724

Ella Core: AMF DoS via malformed PathSwitchRequest with empty NR security capability bitstrings...

EUVD-2007-5624

Malware in sbrugna...

EUVD-2017-9206

Malware in sbrugna...

EUVD-2021-19389

Malware in sbrugna...

EUVD-2021-10302

Malware in sbrugna...

EUVD-2025-23710

Malicious code in bioql PyPI...

EUVD-2025-24840

Malicious code in bioql PyPI...

EUVD-2024-0935

Malicious code in bioql PyPI...

EUVD-2024-0928

Malicious code in bioql PyPI...

EUVD-2022-32120

Malicious code in bioql PyPI...

Huawei HarmonyOS ArkWeb Component Authentication Management Class Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An authentication management class vulnerability exists in the Huawei HarmonyOS ArkWeb component, which can be exploited by an attacker to compromise...

CVE-2025-54607

Authentication management vulnerability in the ArkWeb module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2025-54607

Authentication management vulnerability in the ArkWeb module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

PT-2025-32014 · Arkweb · Arkweb

Name of the Vulnerable Software and Affected Versions: ArkWeb module affected versions not specified Description: An authentication management issue exists in the ArkWeb module. Successful exploitation of this issue may affect service confidentiality. Recommendations: At the moment, there is no...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An authentication management class vulnerability exists in the Huawei HarmonyOS ArkWeb component, which can be exploited by an attacker to compromise...

[SECURITY] Fedora 42 Update: lemonldap-ng-2.21.0-1.fc42

LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as...

Enrich 安全漏洞

Enrich is an enterprise-grade security platform for authentication and access management from Enrich. A security vulnerability exists in Enrich 5.1.0 and prior versions that originates from a maliciously constructed event that could cause the service to crash...

DMARC for PCI DSS 4.0: A Good Practice for Securing Emails

PCI DSS 4.0 encourages the implementation of anti-phishing controls like DMARC! This highlights and reinforces the importance of preventative measures against email fraud, domain spoofing, and phishing in the financial space. While not a mandate or a requirement for PCI DSS compliance, DMARC and...

CVE-2024-28855

ZITADEL, open source authentication management software, uses Go templates to render the login UI. Due to a improper use of the text/template instead of the html/template package, the Login UI did not sanitize input parameters prior to versions 2.47.3, 2.46.1, 2.45.1, 2.44.3, 2.43.9, 2.42.15, and...