4018 matches found

Positive Technologies
added 2026/06/17 12:0 a.m. | 12 views

PT-2026-50432

Name of the Vulnerable Software and Affected Versions: Dell PowerFlex Manager versions prior to 5.1.0.1; Dell PowerFlex Manager versions prior to 4.5.5.2. Description: An improper authentication issue allows an unauthenticated attacker with adjacent network access to bypass authentication without...

CVSS 8.1 | AI score 5.8 | EPSS 0.00216
Exploits 0 | References 5

Cvelist
added 2026/06/16 2:20 p.m. | 32 views

CVE-2026-0647 Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities

An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint, without any prior authentication...

CVSS 8.8 | EPSS 0.00435
Exploits 0 | References 1

IBM Security Bulletins
added 2026/06/15 10:17 p.m. | 5 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Improper Authentication, Insertion of Sensitive Information into Log File, Improper Encoding or Escaping of Output (CVE-2026-34500, CVE-2026-34487, CVE-2026-34483)

Summary: There are vulnerabilities in tomcat-embed-core-10.1.52.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-34500, CVE-2026-34487, CVE-2026-34483. The vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2026-34483. DESCRIPTION: Improper Encoding or Escaping...

CVSS 7.5 | AI score 6.8 | EPSS 0.00469
Exploits 0 | Affected Software 1

EUVD
added 2026/06/13 5:36 p.m. | 14 views

EUVD-2026-36653

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplie...

CVSS 9.8 | AI score 5.7 | EPSS 0.00548
Exploits 0 | References 4

Vulnrichment
added 2026/06/13 5:36 p.m. | 8 views

CVE-2026-12183

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplie...

CVSS 9.8 | AI score 5.6 | EPSS 0.00548
Exploits 0 | References 4

Cvelist
added 2026/06/13 5:36 p.m. | 25 views

CVE-2026-12183

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplie...

CVSS 9.8 | EPSS 0.00548
Exploits 0 | References 4

CVE
added 2026/06/13 5:36 p.m. | 40 views

CVE-2026-12183

CVE-2026-12183 affects Nefteprodukttekhnika BUK TS-G Gas Station Automation System versions 2.9.1–2.10.2 on Linux. The vulnerability is an improper authentication (CWE-287) in the system configuration module: the /php/ajax-login.php endpoint can return userid=1 (administrator) for any HTTP POST w...

CVSS 9.8 | AI score 5.7 | EPSS 0.00548
Exploits 0 | References 4

Positive Technologies
added 2026/06/13 12:0 a.m. | 13 views

PT-2026-49099

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplie...

CVSS 9.8 | AI score 5.6 | EPSS 0.00548
Exploits 0 | References 5

Vulnrichment
added 2026/06/12 2:27 a.m. | 9 views

CVE-2026-48611

Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured or enabled leading to unauthorized access in default installations...

CVSS 9.8 | AI score 8.5 | EPSS 0.00662
Exploits 1 | References 1

Positive Technologies
added 2026/06/12 12:0 a.m. | 20 views

PT-2026-48826

Name of the Vulnerable Software and Affected Versions: phpBB versions prior to 3.3.17. Description: Improper authentication checks in the OAuth implementation allow unauthenticated attackers to hijack accounts, including administrator accounts, on default installations. This issue occurs even if OAu...

CVSS 9.8 | AI score 7.2 | EPSS 0.00662
Exploits 1 | References 13

GithubExploit
added 2026/06/11 2:6 a.m. | 61 views

Exploit for Improper Authentication in Pocketbase

CVE-2026-44166 — PocketBase OAuth2 Account Pre-Hijacking Self...

CVSS 7.6 | AI score 5.4 | EPSS 0.00247
Exploits 1

RedhatCVE
added 2026/06/10 9:1 p.m. | 10 views

CVE-2026-44810

Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally...

CVSS 8.4 | AI score 5.4 | EPSS 0.00261
Exploits 0 | References 1

EUVD
added 2026/06/09 5:6 p.m. | 10 views

EUVD-2026-35744

Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally...

CVSS 8.4 | AI score 5.4 | EPSS 0.00261
Exploits 0 | References 1

CVE
added 2026/06/09 5:6 p.m. | 46 views

CVE-2026-44810

CVE-2026-44810: Improper authentication in Windows Cryptographic Services allows a local attacker to elevate privileges. Affected: Windows Cryptographic Services. Impact: HIGH (CVSS 3.1 base 8.4) with local attack, no user interaction required; confidentiality, integrity, and availability are HIG...

CVSS 8.4 | AI score 5.4 | EPSS 0.00261
Exploits 0 | References 1 | Affected Software 6

Microsoft CVE
added 2026/06/09 2:0 p.m. | 10 views

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally...

CVSS 8.4 | AI score 5.5 | EPSS 0.00261
Exploits 0

Cvelist
added 2026/06/09 2:15 a.m. | 36 views

CVE-2026-11618 DTStack Taier Source Connection Test Endpoint LoginInterceptor.java preHandle improper authentication

A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a manipulation can lead ...

CVSS 7.5 | EPSS 0.00401
Exploits 0 | References 7

EUVD
added 2026/06/09 2:15 a.m. | 13 views

EUVD-2026-35291

A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a manipulation can lead ...

CVSS 7.5 | AI score 6.7 | EPSS 0.00401
Exploits 0 | References 7

CNNVD
added 2026/06/09 12:0 a.m. | 16 views

Taier Authorization Issue Vulnerability

Taier is a distributed scheduling system open-sourced by DTStack. It aims to reduce the costs of ETL processes, clarify complex dependencies between tasks, and lower labor costs related to submission, scheduling, and operations. Versions of Taier 1.4.0 and earlier have vulnerabilities related to...

CVSS 7.5 | AI score 7.5 | EPSS 0.00401
Exploits 0 | References 1

Positive Technologies
added 2026/06/09 12:0 a.m. | 10 views

PT-2026-47926

Name of the Vulnerable Software and Affected Versions: Windows Cryptographic Services (affected versions not specified). Description: Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally, which can affect the system. Recommendations: At...

CVSS 8.4 | AI score 5.2 | EPSS 0.00261
Exploits 0 | References 7

CISA
added 2026/06/08 12:0 p.m. | 12 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-42271: BerriAI LiteLLM Command Injection Vulnerability; CVE-2026-50751: Check Point Security Gateway Improper Authentication...

CVSS 9.3 | AI score 5.7 | EPSS 0.80188
In wild | Exploits 6 | References 7