279 matches found
PT-2024-10868 · Huawei · Huawei Smartphone
Name of the Vulnerable Software and Affected Versions: Huawei smart phone affected versions not specified Description: The issue is related to insufficient authentication in some Huawei smart phones, allowing an unauthenticated, local attacker to craft a software package to exploit this issue. Du...
Ivanti Secure Access Client Elevation of Privilege Vulnerability
Ivanti Secure Access Client is a security software client from Ivanti that is primarily used to enable remote secure access. An elevation of privilege vulnerability exists in Ivanti Secure Access Client that stems from insufficient authentication and can be exploited by an attacker to elevate its...
Ivanti Secure Access Client 安全漏洞
Ivanti Secure Access Client is a security software client from Ivanti that is primarily used to enable remote secure access. An elevation of privilege vulnerability exists in Ivanti Secure Access Client that stems from insufficient authentication and can be exploited by an attacker to elevate its...
PTZOptics Camera Multiple Vulnerabilities (Direct Check)
Binary data ptzopticscameraCVE-2024-8956.nbin...
PT-2024-9892
Name of the Vulnerable Software and Affected Versions: Ceph RadosGW affected versions not specified Description: The issue is related to insufficient authentication of data when handling JWT tokens, which can be exploited by a remote attacker to bypass the authentication procedure. This can lead ...
Cisco ATA 190 安全漏洞
The Cisco ATA 190 is an analog telephone adapter from Cisco USA. A security vulnerability exists in the Cisco ATA 190 that stems from insufficient authentication of user input. An unauthenticated, remote attacker could exploit this vulnerability to conduct a Reflective Cross-Site Scripting XSS...
PT-2024-8664 · Moodle +2 · Moodle +2
Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: A vulnerability was found in Moodle, related to insufficient authentication procedure, which may allow a remote attacker to gain unauthorized access to system elements. The issue requires...
PT-2024-6954 · Adobe · Commerce +2
Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier Magento Open Source affected versions not specified Adobe Commerce B2B affected versions not specified Description: The issue is related to insufficient authenticatio...
Cisco IOS XE Software 安全漏洞
Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from...
PT-2024-9225 · 2N · 2N Access Commander
Name of the Vulnerable Software and Affected Versions: 2N Access Commander versions 3.1.1.2 and prior Description: The issue is related to insufficient authentication data verification, allowing a local attacker to escalate their privileges in the system. This could enable arbitrary code executio...
CVE-2022-25770 Insufficient authentication in upgrade flow
Mautic allows you to update the application via an upgrade script. The upgrade logic isn't shielded off correctly, which may lead to vulnerable situation. This vulnerability is mitigated by the fact that Mautic needs to be installed in a certain way to be vulnerable...
CVE-2024-8956 PTZOptics NDI and SDI Cameras /cgi-bin/param.cgi Insufficient Authentication
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can...
CVE-2024-8956
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can...
PTZOptics PT30X-SDI/NDI-xx 安全漏洞
PTZOptics PT30X-SDI/NDI-xx is a series of HD cameras from PTZOptics. A security vulnerability exists in PTZOptics PT30X-SDI/NDI-xx versions prior to 6.3.40 that stems from insufficient authentication. An attacker exploiting this vulnerability could disclose sensitive data such as usernames,...
PT-2024-8663 · Moodle +2 · Moodle +2
Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: A vulnerability was found in Moodle, related to insufficient authentication procedure, which may allow a remote attacker to gain unauthorized access to system elements. The issue requires...
Korenix JetPort Series 1.2 Command Injection / Insufficient Authentication
CyberDanube Security Research 20240805-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities in JetPort Series product| Korenix JetPort Series vulnerable version| 1.2 fixed version| None CVE number| CVE-2024-7395, CVE-2024-7396,...
CVE-2024-6895
Insufficient authentication in user account management in Yugabyte Platform allows local network attackers with a compromised user session to change critical security information without re-authentication. An attacker with user session and access to application can modify settings such as passwor...
CVE-2024-6895
Insufficient authentication in user account management in Yugabyte Platform allows local network attackers with a compromised user session to change critical security information without re-authentication. An attacker with user session and access to application can modify settings such as passwor...
CVE-2024-6895 Insecure Account Profile Management
Insufficient authentication in user account management in Yugabyte Platform allows local network attackers with a compromised user session to change critical security information without re-authentication. An attacker with user session and access to application can modify settings such as passwor...
PT-2024-37936 · Yugabyte · Yugabyte Platform
Name of the Vulnerable Software and Affected Versions: Yugabyte Platform affected versions not specified Description: The issue concerns insufficient authentication in user account management, allowing local network attackers with a compromised user session to modify critical security settings...