14 matches found
CVE-2026-4116
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication...
CVE-2026-4114
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication...
SonicWall SMA1000 Series Appliances Affected By Multiple Vulnerabilities
1 CVE-2026-4112 - Privilege Escalation via SQL InjectionImproper neutralization of special elements used in an SQL command “SQL Injection” in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary...
PT-2026-31394
Name of the Vulnerable Software and Affected Versions SonicWall SMA1000 series appliances Description An SQL injection flaw exists in SonicWall SMA1000 series appliances. A remote authenticated attacker with read-only administrator privileges can escalate privileges to primary administrator. The...
PT-2026-31397
Name of the Vulnerable Software and Affected Versions SonicWall SMA1000 series appliances affected versions not specified Description Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP...
CVE-2026-33315
Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.0, the Caldav endpoint allows login using Basic Authentication, which in turn allows users to bypass the TOTP on 2FA-enabled accounts. The user can then access standard project information that would normally be...
CVE-2026-32729 Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp`
Runtipi is a personal homeserver orchestrator. Prior to 4.8.1, The Runtipi /api/auth/verify-totp endpoint does not enforce any rate limiting, attempt counting, or account lockout mechanism. An attacker who has obtained a user's valid credentials via phishing, credential stuffing, or data breach c...
CVE-2025-66489
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in...
EUVD-2025-36696
Zitadel May Bypass Second Authentication Factor...
CVE-2025-64103
CVE-2025-64103 concerns Zitadel where, starting from versions 2.53.6, 2.54.3, and 2.55.0, MFA could be bypassed if the login policy did not explicitly require MFA, allowing sessions authenticated with a single factor to remain valid. An attacker could target a six‑digit TOTP code and bypass passw...
CVE-2022-45173
An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /api/v1/vdeskintegration/challenge endpoint. Because only the client-side verifies whether a check was successful, an attacker can modify the response, and fool the...
Pulse Policy Secure < 9.1R8 (SA44516)
According to its self-reported version, the version of Pulse Policy Secure running on the remote host is prior to 9.1R8. It is, therefore, affected by multiple vulnerabilities: - An attacker can bypass the Google TOTP, if the primary credentials are exposed to attacker CVE-2020-8206. - An...
Pulse Connect Secure < 9.1R8 (SA44516)
According to its self-reported version, the version of Pulse Connect Secure running on the remote host is prior to 9.1R8. It is, therefore, affected by multiple vulnerabilities: - An attacker can bypass the Google TOTP, if the primary credentials are exposed to attacker CVE-2020-8206. - An...
Authentication flaw
An improper authentication vulnerability exists in Pulse Connect Secure 9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP...