47 matches found
CVE-2009-4357
CQWeb aka the web interface in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors...
CVE-1999-0549
Windows NT automatically logs in an administrator upon rebooting...
EUVD-2019-2162
Malware in sbrugna...
EUVD-2019-2161
Malware in sbrugna...
EUVD-2017-15403
Malware in sbrugna...
EUVD-2009-4325
Malware in sbrugna...
EUVD-2023-34238
Malicious code in bioql PyPI...
EUVD-2025-19867
Malicious code in bioql PyPI...
Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16343)
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that originates from automatically logging in an EPC2 Windows user at startup without entering a password. An...
CVE-2025-27461
During startup, the device automatically logs in the EPC2 Windows user without requesting a password...
CVE-2025-27461
During startup, the device automatically logs in the EPC2 Windows user without requesting a password...
CVE-2025-27461
CVE-2025-27461 affects the Endress+Hauser MEAC300-FNADE4 emissions data management device. The root cause is startup-time automatic login of the EPC2 Windows user without a password, effectively bypassing authentication and enabling full access where the device is physically reachable. The CVE is...
CVE-2025-27461 CVE-2025-27461
During startup, the device automatically logs in the EPC2 Windows user without requesting a password...
CVE-2025-27461 CVE-2025-27461
During startup, the device automatically logs in the EPC2 Windows user without requesting a password...
Endress+Hauser MEAC300-FNADE4 安全漏洞
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that originates from automatically logging in an EPC2 Windows user at startup without entering a password. An...
CVE-2023-2781
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticateuserbyemail in versions up to, and including, 3.5.0. This is due to a random token generation weakness in the resendverificationemail function. This allows unauthenticated...
CVE-2025-48061 wire-webapp Has Insufficient Session Invalidation after User Logout
wire-webapp is the web application for the open-source messaging service Wire. A change caused a regression resulting in sessions not being properly invalidated. A user that logged out of the Wire webapp, could have been automatically logged in again after re-opening the application. This does no...
CVE-2019-10120
On eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16, automatic login configuration aka setAutoLogin can be achieved by continuing to use a session ID after a logout, aka HMCCU-154...
PT-2025-22515 · Wire · Wire-Webapp
Name of the Vulnerable Software and Affected Versions: wire-webapp versions 2025-05-14-production.0 through 2025-05-20-production.0 Description: The issue is related to a regression in the session invalidation process. When a user logs out of the Wire webapp, they could be automatically logged in...
CVE-2024-1573
Missing Authentication for Critical Function vulnerability in the mobile monitoring feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 and prior, Mitsubishi Electric Hyper Historian versions 10.97.2 and prior, Mitsubishi Electri...