816 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-36611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username...
WordPress miniOrange's Google Authenticator Plugin <= 6.1.1 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin miniOrange's Google Authenticator versions = 6.1.1...
CVE-2025-8995
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...
CVE-2025-8995
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...
CVE-2025-8995
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...
CVE-2025-8995 Authenticator Login - Highly critical - Access bypass - SA-CONTRIB-2025-096
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...
CVE-2025-8995
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...
CVE-2025-8995 Authenticator Login - Highly critical - Access bypass - SA-CONTRIB-2025-096
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...
CVE-2025-8995
CVE-2025-8995: Drupal Authenticator Login contains an authentication bypass vulnerability in versions prior to 2.1.4. The issue arises in the Authenticator Login module (Drupal) where an alternate path or channel can bypass authentication, effectively allowing login as a user without proper crede...
Drupal Authenticator Login 访问控制错误漏洞
Drupal Authenticator Login is a Drupal community authentication login module or feature for Drupal. A security vulnerability exists in Drupal Authenticator Login versions prior to 2.1.4 that stems from bypassing authentication using an alternate path or channel...
PT-2025-33500 · Drupal · Drupal Authenticator Login
Name of the Vulnerable Software and Affected Versions: Drupal Authenticator Login versions 0.0.0 through 2.1.3 Description: An Authentication Bypass Using an Alternate Path or Channel issue exists in Drupal Authenticator Login, allowing for Authentication Bypass. Recommendations: Update to versio...
MAL-2025-19693 Malicious code in eosio-reference-chrome-extension-authenticator-app (npm)
The package eosio-reference-chrome-extension-authenticator-app was found to contain malicious code...
Malicious code in aws-lambda-authenticator (npm)
The package aws-lambda-authenticator was found to contain malicious code...
Malicious code in character-authenticator (npm)
The package character-authenticator was found to contain malicious code...
Malicious code in eosio-reference-chrome-extension-authenticator-app (npm)
The package eosio-reference-chrome-extension-authenticator-app was found to contain malicious code...
MAL-2025-15227 Malicious code in aws-lambda-authenticator (npm)
The package aws-lambda-authenticator was found to contain malicious code...
MAL-2025-16794 Malicious code in character-authenticator (npm)
The package character-authenticator was found to contain malicious code...
Drupal Authenticator Login module < 2.1.4 - Unauthenticated Broken Access Control vulnerability
Unauthenticated Broken Access Control vulnerability discovered by Pierre Rudloff prudloff in WordPress Module Authenticator Login versions 2.1.4...
python3.11-django-ansible-base: Sensitive Authenticator Secrets Returned in Clear Text via API in AAP
A flaw was found in Ansible Automation Platform AAP where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users...
CVE-2025-7738
A flaw was found in Ansible Automation Platform AAP where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users...