279 matches found
Huawei EMUI/HarmonyOS Insufficient Authentication Vulnerability (CNVD-2025-18903)
Huawei EMUI and Huawei HarmonyOS are both products of Huawei, a mobile operating system based on Android, and Huawei HarmonyOS, a distributed operating system developed by Huawei for the whole scenario, aiming at realizing intelligent interconnection and resource sharing among people, devices, an...
Huawei EMUI/HarmonyOS Insufficient Authentication Vulnerability
Huawei EMUI and Huawei HarmonyOS are both products of Huawei, a mobile operating system based on Android, and Huawei HarmonyOS, a distributed operating system developed by Huawei for the whole scenario, aiming at realizing intelligent interconnection and resource sharing among people, devices, an...
PT-2024-5068 · Roku · Roku Indoor Camera Se
Name of the Vulnerable Software and Affected Versions: Kalay SDK versions affected versions not specified Owlet Cam version affected versions not specified Owlet Cam v1 Owlet Cam v2 Wyze Cam v3 Roku Indoor Camera SE Description: The issue is related to insufficient authentication of received data...
Huawei HarmonyOS 安全漏洞
Huawei EMUI and Huawei HarmonyOS are both products of Huawei, a mobile operating system based on Android, and Huawei HarmonyOS, a distributed operating system developed by Huawei for the whole scenario, aiming at realizing intelligent interconnection and resource sharing among people, devices, an...
Huawei HarmonyOS 安全漏洞
Huawei EMUI and Huawei HarmonyOS are both products of Huawei, a mobile operating system based on Android, and Huawei HarmonyOS, a distributed operating system developed by Huawei for the whole scenario, aiming at realizing intelligent interconnection and resource sharing among people, devices, an...
Authentication Bypass Via Spoofing
Apache HugeGraph-api is vulnerable to an Authentication Bypass via Spoofing. The vulnerability is due to insufficient authentication checks, allowing an attacker to bypass authentication by spoofing certain parameters or headers...
PT-2024-2380 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.18 Description: The issue is related to insufficient authentication of requests executed by the fromSysToolReboot function, accessible through the "/goform/SysToolReboot" endpoint. This can be exploited by a remote...
CVE-2023-31211 Disabled automation users could still authenticate
Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials...
CVE-2023-31211
Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials...
PT-2024-12262 · Checkmk · Checkmk
Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.2.0p17 Checkmk versions prior to 2.1.0p37 Checkmk versions prior to 2.0.0p39 Description: The issue is related to an insufficient authentication flow, allowing an attacker to utilize locked credentials...
PT-2023-8618 · Xwiki · Xwiki Admin Tools
Name of the Vulnerable Software and Affected Versions: XWiki Admin Tools versions 4.4 through 4.5.0 Description: The issue is related to insufficient authentication of executed requests in the XWiki Admin Tools application. This allows a remote attacker to execute arbitrary commands by tricking a...
PT-2023-6585 · Sielco · Sielco Polyeco1000
Name of the Vulnerable Software and Affected Versions: Sielco PolyEco1000 affected versions not specified Description: The issue is related to insufficient restriction of authentication attempts and the use of a weak set of default administrative credentials in the Sielco PolyEco1000 digital...
South River Technologies Titan MFT and Titan SFTP Path Traversal Vulnerabilities
South River Technologies Titan MFT and South River Technologies Titan SFTP are both products of South River Technologies.South River Technologies Titan MFT is a popular file transfer solution for managing and encrypting file transfers.South River Technologies Titan SFTP is a solution for A securi...
PT-2023-5331 · Tp Link · Tp-Link Er5120G
Name of the Vulnerable Software and Affected Versions: TP-LINK ER5120G version 4.0 2.0.0 Build 210817 Rel.80868n Description: The issue is related to insufficient authentication procedures in the TP-LINK ER5120G router, allowing attackers to obtain sensitive device information without...
PT-2023-5314 · Acronis · Acronis Agent
Name of the Vulnerable Software and Affected Versions: Acronis Agent versions prior to build 32047 Description: The issue is related to insufficient authentication procedure in the backup and recovery software, which may allow an attacker to access confidential information. Specifically, it...
CVE-2023-38028
Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication to read system information and operate user's data, but can’t control system or disrupt service...
CVE-2023-38028
Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication to read system information and operate user's data, but can’t control system or disrupt service...
CVE-2023-38028
CVE-2023-38028 affects Saho ADM100 and ADM-100FP appliances. The issue is described as insufficient authentication that allows an unauthenticated remote attacker to bypass authentication, read system information, and operate user data, but not to fully control the system or disrupt service. CVSS ...
PT-2023-26255 · Saho · Saho Adm100 +1
Name of the Vulnerable Software and Affected Versions: Saho attendance devices ADM100 and ADM-100FP affected versions not specified Description: The issue is related to insufficient authentication in Saho’s attendance devices. An unauthenticated remote attacker can exploit this to bypass...
Moodle 安全漏洞
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. Moodle suffers from a security vulnerability that stems from insufficient authentication leading to a proxy bypass risk, which could...