CVE-2025-62312

HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose credentials to potential interception or misuse, especially if not combined with secure transmission practices...

CVE-2025-62312

Technical details about CVE-2025-62312 are not publicly available in the provided documents. The materials describe basic authentication usage but do not specify affected products, versions, root cause, or remediation. Monitor for updates.

CVE-2020-37094

EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and...

CVE-2020-37094

EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and...

CVE-2020-37094

EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and...

CVE-2020-37094 EspoCRM 5.8.5 - Privilege Escalation

EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and...

CVE-2020-37094

EspoCRM 5.8.5 is affected by an authentication vulnerability where attackers can access other user accounts by manipulating authorization headers (e.g., Basic and Espo-Authorization tokens). The Red Hat/NVD entries describe unauthorized access to administrative information and privileges; CVSS v3...

CVE-2020-37094

EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and...

PT-2026-5844

Name of the Vulnerable Software and Affected Versions EspoCRM version 5.8.5 Description The software contains an authentication issue that allows unauthorized access to user accounts. Attackers can manipulate authorization headers, specifically decoding and modifying Basic Authorization and...

EspoCRM 安全漏洞

EspoCRM is an open-source, web-based Customer Relationship Management system CRM developed by EspoCRM. This system offers features such as sales automation, community management, and customer support. Version 5.8.5 of EspoCRM contains a security vulnerability. This vulnerability stems from an...

EUVD-2022-48798

Malicious code in bioql PyPI...

CVE-2022-45956

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism...

CVE-2025-32862

CVE-2025-32862 concerns Siemens TeleControl Server Basic. Affected: all versions

Grafana -- Authorization bypass in data source proxy API

Grafana Labs reports: This vulnerability, which was discovered while reviewing a pull request from an external contributor, effects Grafana’s data source proxy API and allows authorization checks to be bypassed by adding an extra slash character / in the URL path. Among Grafana-maintained data...

Boa Web Server v0.94.14 - Authentication Bypass

Exploit Title: Boa Web Server v0.94.14 - Authentication Bypass Date: 19-11-2022 Exploit Author: George Tsimpidas Vendor: https://github.com/gpg/boa CVE: N/A Tested on: Debian 5.18.5 Description : Boa Web Server Versions from 0.94.13 - 0.94.14 fail to validate the correct security constraint on th...

CVE-2022-45956

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism...

Authorization

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism...

CVE-2022-45956

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism...

PT-2022-27698 · Unknown · Boa Web Server

Name of the Vulnerable Software and Affected Versions: Boa Web Server versions 0.94.13 through 0.94.14 Description: The issue allows bypassing of the Basic Authorization mechanism due to a failure in validating the correct security constraint on the HEAD HTTP method. Recommendations: For Boa Web...

CVE-2022-45956

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism...