426 matches found
CVE-2025-46590
CVE-2025-46590 describes a bypass vulnerability in Huawei HarmonyOS's network search instruction authentication module. The issue allows an attacker to bypass authentication and gain access to some network search functions. Connected documents consistently attribute the flaw to the web search com...
CVE-2025-46590
Bypass vulnerability in the network search instruction authentication module Impact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions...
CVE-2025-46590
Bypass vulnerability in the network search instruction authentication module Impact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions...
PT-2025-19977 · Huawei · Harmonyos
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns a bypass vulnerability in the network search instruction authentication module. Successful exploitation of this vulnerability can bypass authentication and enable access t...
The vulnerability of the Linux-PAM authentication module, related to the insecure storage of confidential information, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Linux-PAM authentication module is related to the insecure storage of confidential information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
oath-toolkit: Local root exploit in a PAM module
A vulnerability was found in a PAM module, the oath-toolkit. The module gained a feature that allowed placing the OTP state file, called the usersfile, in the home directory of the to-be-authenticated user. The PAM module performed unsafe file operations in the users' home directories. Since PAM...
mod_auth_openidc: mod_auth_openidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data
A flaw was found in modauthopenidc, an OpenID Connect authentication module for Apache HTTP Server. This vulnerability allows unauthenticated users to access protected content via crafted HTTP POST requests to protected resources when no application-level gateway is present...
RHSA-2025:3997 Red Hat Security Advisory: mod_auth_openidc:2.3 security update
Bulletin has no description...
RHEL 9 : mod_auth_openidc (RHSA-2025:3945)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3945 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connec...
CVE-2025-30700
Vulnerability in the Oracle Solaris product of Oracle Systems component: Pluggable authentication module. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Solaris. Successful attacks...
Huawei HarmonyOS and EMUI Access Control Vulnerability
Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An access control vulnerability exists in Huawei HarmonyOS and EMUI.The vulnerability stems from improper access...
Huawei HarmonyOS and EMUI Access Control Vulnerability (CNVD-2025-10515)
Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An access control vulnerability exists in Huawei HarmonyOS and EMUI.The vulnerability stems from improper access...
Huawei HarmonyOS and EMUI Access Control Vulnerability (CNVD-2025-10517)
Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An access control vulnerability exists in Huawei HarmonyOS and EMUI.The vulnerability stems from improper access...
Debian dla-4129 : libapache2-mod-auth-openidc - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4129 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4129-1 [email protected] https://www.debian.org/lts/security/...
Oracle Solaris Critical Patch Update : apr2025_SRU11_4_78_189_2
The version of Solaris installed on the remote host is prior to 11.4.78.189.2. It is, therefore, affected by multiple vulnerabilities as referenced in the solaris11apr2025SRU114781892 advisory. - Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported...
CVE-2025-30700
Vulnerability in the Oracle Solaris product of Oracle Systems component: Pluggable authentication module. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Solaris. Successful attacks...
CVE-2025-30700
Vulnerability in the Oracle Solaris product of Oracle Systems component: Pluggable authentication module. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Solaris. Successful attacks...
PT-2025-16434 · Oracle · Oracle Solaris
Name of the Vulnerable Software and Affected Versions: Oracle Solaris version 11 Description: The issue affects the Pluggable authentication module component of Oracle Solaris, allowing a low-privileged attacker with network access via HTTP to compromise the system. Successful attacks require hum...
Oracle Solaris 安全漏洞
Oracle Solaris is a UNIX operating system from Oracle Corporation USA. A security vulnerability exists in Oracle Solaris version 11, which stems from a flaw in the Pluggable Authentication Module that could lead to data disclosure...
oath-toolkit: Local root exploit in a PAM module
A vulnerability was found in a PAM module, the oath-toolkit. The module gained a feature that allowed placing the OTP state file, called the usersfile, in the home directory of the to-be-authenticated user. The PAM module performed unsafe file operations in the users' home directories. Since PAM...