403 matches found
The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in the lack of authentication mechanisms. This allows attackers to gain unauthorized access to protected information.
The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B is related to the lack of authentication. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected informati...
Nokia Single RAN security vulnerability
Nokia Single RAN is a wireless network technology from Nokia, Finland. A security vulnerability exists in Nokia Single RAN 23R4-SR prior to version 3.0 MP, which stems from an insufficient authentication mechanism that could lead to elevated privileges...
The vulnerability of the Form_Login() function in the Totolink T6 router’s software allows an intruder to gain unauthorized access to protected information.
The vulnerability of the Form_Login function in the firmware of the TOTOLink T6 system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the ServerConfig.PublicKeyCallback() function in the Go programming language library allows a hacker to bypass security restrictions.
The vulnerability of the ServerConfig.PublicKeyCallback function in the Go programming language library is related to deficiencies in the authentication process when handling keys. Exploiting this vulnerability could allow a malicious actor to circumvent security restrictions from a remote locati...
The vulnerability of the monitoring tool for Synthetics in the Kibana data visualization service allows a violator to increase their privileges.
The vulnerability of the monitoring tool for Synthetics in the Kibana data visualization service is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to increase their privileges by sending a specially crafted HTTP request...
The vulnerability of the graphics processor in firmware embedded in Qualcomm chips allows attackers to execute arbitrary commands.
The vulnerability of the graphics processor in embedded Qualcomm software systems is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary commands...
The vulnerability of the Enterprise Event Enablement component of the SAP S/4HANA software platform allows a malicious actor to elevate their privileges and execute arbitrary code.
The vulnerability of the Enterprise Event Enablement component of the SAP S/4HANA software platform is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...
The vulnerability of the IBM Guardium Data Protection platform regarding data security protection, related to deficiencies in the authentication mechanism, allows attackers to disclose the protected information.
The vulnerability of the IBM Guardium Data Protection platform relates to deficiencies in its authentication mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...
The vulnerability of Microsoft Windows Defender for Identity allows a perpetrator to perform a substitution through the neighboring network.
The vulnerability of Microsoft Windows Defender operating systems is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to perform substitution attacks through the neighboring network...
The vulnerability of MacOS operating systems, related to the lack of authentication, allows attackers to gain unauthorized access to protected information.
The vulnerability of MacOS operating systems is related to the lack of authentication. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
The vulnerability of the ColdFusion software platform, related to deficiencies in the authentication mechanism, allows attackers to gain unauthorized access to protected information.
The vulnerability of the ColdFusion software platform is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2025-3218
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due to incorrect validation processing in IBM i Netserver. A malicious actor could use the weaknesses, in conjunction with brute force authentication attacks or to bypass authority restrictions, to access...
Misskey path traversal vulnerability
Misskey is a perpetually free open source federated social media platform from Misskey Open Source. A path traversal vulnerability exists in Misskey versions prior to 12.31.0 through 2025.4.1, which stems from insufficient Mk:api authentication and could lead to unauthorized access to endpoints...
CVE-2025-24342
A vulnerability in the login functionality of the web application of ctrlX OS allows a remote unauthenticated attacker to guess valid usernames via multiple crafted HTTP requests...
The vulnerability of the course_can_delete_section() function in the virtual learning environment Moodle allows a violator to increase their privileges.
The vulnerability of the course_can_delete_section function in the virtual learning environment Moodle is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to gain increased privileges...
The vulnerability of the SAP Commerce Cloud e-commerce platform, related to deficiencies in authentication procedures, allows a perpetrator to compromise the confidentiality of protected information.
The vulnerability of the SAP Commerce Cloud e-commerce platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality of the protected information...
The vulnerability of the ColdFusion software platform, related to deficiencies in the authentication process, allows attackers to execute arbitrary code.
The vulnerability of the ColdFusion software platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2025-27740
Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network...
The vulnerability of the SIEM systems’ load testing tools, Kraken Stress Testing Toolkit, arises due to deficiencies in the authentication process, allowing unauthorized users to gain access to protected information.
The vulnerability of the SIEM systems’ stress testing tools, such as Kraken Stress Testing Toolkit, stems from deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Jenkins automation server, related to deficiencies in authentication procedures, allows attackers to escalate their privileges and gain unauthorized access to protected information.
The vulnerability of the Jenkins automation server is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain unauthorized access to protected information...