829 matches found
CVE-2026-46514
Frogman provides headless PBX control through MCP and HTTP API. Prior to 1.6.2, fmresetpassword in Tools/ResetPassword.php:48-53 returned a plaintext password and fmaddextension in Tools/AddExtension.php:172 returned a plaintext secret; Frogman.class.php:2207-2211 used auditOutcome to JSON-encode...
CVE-2026-46514
Frogman (headless PBX control via MCP/HTTP API) had a vulnerability prior to version 1.6.2 where returned a plaintext password and returned a plaintext secret. Frogman.class.php:2207-2211 JSON-encoded these values in , enabling any PERM_READ caller with access to to recover stored credentials....
OPENSUSE-SU-2026:21320-1 Security update for pam
This update for pam fixes the following issue - CVE-2026-54411: timing discrepancy in the pamuserdb module's plaintext-password comparison bsc1268290...
OESA-2026-2903 pam security update
PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in...
OESA-2026-2901 pam security update
PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in...
CVE-2026-11405
The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login function at 004c88b8. - The function contains a normal authentication path using MD5/hash-based password verification prodencode64/PasswordToMd5/checkrandkey. - After normal authentication fails, it...
CVE-2026-11405 Hidden backdoor authentication mechanism in multiple versions of Tenda firmware allows admin access to web management interface
The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login function at 004c88b8. - The function contains a normal authentication path using MD5/hash-based password verification prodencode64/PasswordToMd5/checkrandkey. - After normal authentication fails, it...
CVE-2026-11405
CVE-2026-11405 affects multiple Tenda firmware versions where the web server binary /bin/httpd implements a hidden backdoor authentication in login(): after normal MD5-based verification, if authentication fails it reads a config value via GetValue("sys.rzadmin.password") and compares it to the u...
CVE-2026-11405
The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login function at 004c88b8. - The function contains a normal authentication path using MD5/hash-based password verification prodencode64/PasswordToMd5/checkrandkey. - After normal authentication fails, it...
EUVD-2026-41919
The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login function at 004c88b8. - The function contains a normal authentication path using MD5/hash-based password verification prodencode64/PasswordToMd5/checkrandkey. - After normal authentication fails, it...
PT-2026-55969
Name of the Vulnerable Software and Affected Versions Tenda firmware versions US FH1201V1.0BR V1.2.0.14408 EN TD Tenda firmware versions US W15EV1.0br V15.11.0.51068 1567 841 EN TDE Tenda firmware versions US AC10V1.0re V15.03.06.46 multi TDE01 Tenda firmware versions US AC5V1.0RTL V15.03.06.48...
CVE-2026-47379 NocoDB: Plaintext Password Comparison in Shared Views
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the shared-view password check fell back to strict-equality === comparison for legacy plaintext passwords, leaking the password's length and per-character prefix through response timing. This vulnerability is fixed in...
CVE-2025-52465
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web pa...
SUSE CVE-2026-54411
Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in modules/pamuserdb/pamuserdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the...
CVE-2026-54411
Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in modules/pamuserdb/pamuserdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the...
CVE-2026-54411
Linux-PAM up to 1.7.2 is affected by a timing side-channel in the pam_userdb plaintext-password comparison path (modules/pam_userdb/pam_userdb.c). When configured with crypt=none, an unrecognized crypt method, or without a crypt= argument, credentials are stored/compared in plaintext. The compari...
CVE-2026-54411
Linux-PAM through 1.7.2 contains an observable timing discrepancy CWE-208 in the pamuserdb module's plaintext-password comparison path in modules/pamuserdb/pamuserdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the...
PT-2026-49134
Name of the Vulnerable Software and Affected Versions Linux-PAM versions prior to 1.7.3 Description A timing discrepancy exists in the pam userdb module's plaintext-password comparison path within modules/pam userdb/pam userdb.c. A local or network-adjacent attacker can recover the plaintext...
CVE-2021-47961
A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence the user's PIN code due to insecure storage. This may lead to unauthorized VPN configuration and potential interception of subsequent VPN traffic when combin...
CVE-2026-6500
Plaintext storage of a password vulnerability in ILM Informatique OpenConcerto allows Retrieve Embedded Sensitive Data. This issue affects OpenConcerto: 1.7.5...