283 matches found
CVE-2025-67719 Ibexa User Bundle is missing password change validation
Ibexa is a composable end-to-end DXP Digital Experience Platform. Versions 5.0.0-beta1 through 5.0.3 do not have password validation. During the transition from v4 to v5 an error was introduced into validation code which causes the validation of the previous password not to run as expected. This...
CVE-2025-67719 Ibexa User Bundle is missing password change validation
Ibexa is a composable end-to-end DXP Digital Experience Platform. Versions 5.0.0-beta1 through 5.0.3 do not have password validation. During the transition from v4 to v5 an error was introduced into validation code which causes the validation of the previous password not to run as expected. This...
PT-2025-50566
Name of the Vulnerable Software and Affected Versions Ibexa versions 5.0.0-beta1 through 5.0.3 Description Ibexa is a composable end-to-end DXP Digital Experience Platform. Versions 5.0.0-beta1 through 5.0.3 lack proper password validation during password changes. An error introduced during the...
Ibexa User Bundle is missing password change validation
Impact The vulnerability is in the password change dialog in the back office. During the transition from v4 to v5 a mistake was made in the validation code which caused the validation of the previous password to not run as expected. This made it possible for a logged in user to change password in...
BIT-ACTIVEMQ-2021-26117 ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind
The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users password in error...
CVE-2025-63800
The password change endpoint in Open Source Point of Sale 3.4.1 allows users to set their account password to an empty string due to missing server-side validation. When an authenticated user omits or leaves the password and repeatpassword parameters empty in the password change request, the...
CVE-2025-61115
ABC Fine Wine & Spirits Android App version v.11.27.5 and before package name com.cta.abcfinewineandspirits, developed by ABC Liquors, Inc., contains an improper access control vulnerability in its login mechanism. The application does not properly validate user passwords during authentication,...
PT-2025-44420
Name of the Vulnerable Software and Affected Versions ABC Fine Wine & Spirits Android App versions v.11.27.5 and before Description The ABC Fine Wine & Spirits Android App does not properly validate user passwords during authentication, potentially allowing attackers to bypass login checks and...
CVE-2025-61115
ABC Fine Wine & Spirits Android App version v.11.27.5 and before package name com.cta.abcfinewineandspirits, developed by ABC Liquors, Inc., contains an improper access control vulnerability in its login mechanism. The application does not properly validate user passwords during authentication,...
CVE-2025-61115
CVE-2025-61115 affects ABC Fine Wine & Spirits Android App versions v.11.27.5 and earlier (package com.cta.abcfinewineandspirits). The root cause is improper access control in the login mechanism: the app does not properly validate user passwords during authentication, allowing bypass of login ch...
CVE-2025-61115
ABC Fine Wine & Spirits Android App version v.11.27.5 and before package name com.cta.abcfinewineandspirits, developed by ABC Liquors, Inc., contains an improper access control vulnerability in its login mechanism. The application does not properly validate user passwords during authentication,...
EUVD-2021-0782
Malware in sbrugna...
EUVD-2006-0661
Malware in sbrugna...
EUVD-2012-5343
Malware in sbrugna...
EUVD-2012-2359
Malware in sbrugna...
EUVD-2010-0252
Malware in sbrugna...
EUVD-2010-1860
Malware in sbrugna...
EUVD-2010-0258
Malware in sbrugna...
EUVD-2010-0255
Malware in sbrugna...
EUVD-2014-0067
Malware in sbrugna...