WWBN AVideo 安全漏洞

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 26.0 contained security vulnerabilities. These vulnerabilities stemmed from the getapivideopasswordiscorrect API endpoint, which allowed any unverified user to validate...

PT-2026-7167

Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.57.1 Description File Browser offers a file management interface for tasks like uploading, deleting, previewing, renaming, and editing files. A flaw in the password validation process, specifically a...

CVE-2026-21891 ZimaOS has Authentication Bypass via System-Level Username

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks the validity of the username but appears to skip, misinterpret, or incorrectly validate the password when the provided username matches a...

CVE-2025-61115

ABC Fine Wine & Spirits Android App version v.11.27.5 and before package name com.cta.abcfinewineandspirits, developed by ABC Liquors, Inc., contains an improper access control vulnerability in its login mechanism. The application does not properly validate user passwords during authentication,...

EUVD-2025-25903

Malicious code in bioql PyPI...

CVE-2025-56694

The CVE-2025-56694 affects lumasoft fotoShare Cloud (version 2025-03-13). The vulnerability is a client-side password validation issue (CWE-602) that could allow unauthenticated attackers to view password-protected photo albums. Root cause appears to be improper client-side validation. CVSS v3.1 ...

CVE-2025-54336

In Plesk Obsidian 18.0.70, isAdminPasswordValid uses an == comparison. Thus, if the correct password is "0e" followed by any digit string, then an attacker can login with any other string that evaluates to 0.0 such as the 0e0 string. This occurs in admin/plib/LoginManager.php...

ABB ANC 安全漏洞

ABB ANC ABB Adaptive Noise Cancellation is an industrial-grade adaptive noise cancellation system from ABB Switzerland for real-time cancellation of noise in specific frequency bands generated by equipment such as motors/transformers. A security vulnerability exists in ABB ANC version 1.1.4 and...

PT-2024-32400 · Apex Softcell · Apex Softcell Ld Dp Back Office

Name of the Vulnerable Software and Affected Versions: Apex Softcell LD DP Back Office affected versions not specified Description: This issue is related to the improper implementation of the OTP validation mechanism in certain API endpoints, allowing an authenticated remote attacker to exploit t...

CVE-2023-20012

A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender FEX when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the improper implementati...

CVE-2021-43394

Unisys OS 2200 Messaging Integration Services NTSI 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated...

ovirt-aaa-jdbc-tool unauthorized access vulnerability

ovirt-aaa-jdbc-tool tools is a tool for storing authentication and authorization data in a database. A security vulnerability exists in versions of ovirt-aaa-jdbc-tool tools prior to 1.1.3, which stems from the program failing to properly verify that the current password is not invalid. An attack...