Lucene search
K

2549 matches found

Malwarebytes
Malwarebytes
added 2025/10/27 2:53 p.m.5 views

How to set up two factor authentication (2FA) on your Instagram account

Two-factor authentication 2FA isn't foolproof, but it is one of the best ways to protect your accounts from hackers. It adds a small extra step when logging in, but that extra effort pays off. Instagram’s 2FA requires an additional code whenever you try to log in from an unrecognized device or...

6.9AI score
Exploits0
HackRead
HackRead
added 2025/10/27 11:21 a.m.3 views

X to Retire Twitter.com, Users Must Re-Register Security Keys by Nov 10

X formerly Twitter is asking users with security keys to re-enroll by Nov 10 as it moves logins from twitter.com to x.com for continued 2FA access...

6.9AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/10/27 12:0 a.m.11 views

CVE-2025-60425

Nagios Fusion v2024R1.2 and v2024R2 does not invalidate already existing session tokens when the two-factor authentication mechanism is enabled, allowing attackers to perform a session hijacking attack...

6.7AI score0.00935EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

Nagios Fusion 安全漏洞

Nagios Fusion is a centralized monitoring and visualization platform from the US-based Nagios, Inc. A security vulnerability exists in Nagios Fusion versions v2024R1.2 and v2024R2 that stems from failure to invalidate an existing session token when enabling two-factor authentication, which could...

8.6CVSS6.4AI score0.00935EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/27 12:0 a.m.7 views

CVE-2025-60425

Nagios Fusion v2024R1.2 and v2024R2 does not invalidate already existing session tokens when the two-factor authentication mechanism is enabled, allowing attackers to perform a session hijacking attack...

0.00935EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/27 12:0 a.m.2 views

CVE-2025-61482

Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on Android allows local attackers with root access to bypass two factor authentication. By hooking into app crypto routines and intercepting decryption paths, attacker can recover plaintext secrets,...

6.4AI score0.00139EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/27 12:0 a.m.3 views

EUVD-2025-36185

Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on Android allows local attackers with root access to bypass two factor authentication. By hooking into app crypto routines and intercepting decryption paths, attacker can recover plaintext secrets,...

7.2CVSS6.3AI score0.00139EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/27 12:0 a.m.8 views

CVE-2025-61482

Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on Android allows local attackers with root access to bypass two factor authentication. By hooking into app crypto routines and intercepting decryption paths, attacker can recover plaintext secrets,...

0.00139EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-43966

Name of the Vulnerable Software and Affected Versions privacyIDEA Authenticator version 4.3.0 Description A flaw exists in the handling of OTP/TOTP/HOTP values within the privacyIDEA Authenticator application on Android. A local attacker with root access can bypass two-factor authentication by...

7.2CVSS6.5AI score0.00139EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.7 views

PT-2025-43978

Name of the Vulnerable Software and Affected Versions Nagios Fusion versions 2024R1.2 and 2024R2 Description Nagios Fusion versions 2024R1.2 and 2024R2 do not invalidate existing session tokens when two-factor authentication is enabled. This allows an attacker to potentially hijack active session...

8.6CVSS6.8AI score0.00935EPSS
Exploits0References8
CVE
CVE
added 2025/10/27 12:0 a.m.20 views

CVE-2025-60425

CVE-2025-60425 affects Nagios Fusion v2024R1.2 and v2024R2. The root cause is failure to invalidate existing session tokens when two-factor authentication is enabled, enabling session hijacking attacks. The CVSSv3.1 base score is 8.6 (HIGH) with network attack vector, no user interaction, and no ...

8.6CVSS6.7AI score0.00935EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/10/27 12:0 a.m.12 views

CVE-2025-61482

The CVE-2025-61482 vulnerability affects privacyIDEA Authenticator for Android (version 4.3.0). A local attacker with root access can bypass two-factor authentication by hooking cryptographic routines and intercepting decryption paths to recover plaintext secrets, enabling generation of valid OTP...

7.2CVSS6.4AI score0.00139EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/22 2:9 a.m.4 views

CVE-2025-9133

A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16 through V5.40 could...

8.1CVSS6.9AI score0.05462EPSS
Exploits0References1
NVD
NVD
added 2025/10/21 3:15 a.m.10 views

CVE-2025-9133

A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16 through V5.40 could...

8.1CVSS0.05462EPSS
Exploits0References1
OSV
OSV
added 2025/10/21 3:15 a.m.3 views

CVE-2025-9133

A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16 through V5.40 could...

8.1CVSS5.8AI score0.05462EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/21 1:57 a.m.10 views

CVE-2025-9133

A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16 through V5.40 could...

8.1CVSS0.05462EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/21 1:57 a.m.5 views

EUVD-2025-35119

A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16 through V5.40 could...

8.1CVSS6.5AI score0.05462EPSS
Exploits0References2
CVE
CVE
added 2025/10/21 1:57 a.m.16 views

CVE-2025-9133

Summary of CVE-2025-9133 (Zyxel devices) Technical details in the connected PT-2025-42828 entry show a missing authorization flaw in Zyxel ATP series, Zyxel USG FLEX series, and Zyxel USG20(W)-VPN devices. The vulnerability arises from insufficient input validation/logic in the CGI interface, spe...

8.1CVSS6.7AI score0.05462EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/21 1:57 a.m.5 views

CVE-2025-9133

A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16 through V5.40 could...

8.1CVSS6.7AI score0.05462EPSS
Exploits0References1
CNVD
CNVD
added 2025/10/21 12:0 a.m.1 views

WordPress Keyy Two Factor Authentication plugin Privilege Escalation Vulnerability

WordPress Keyy Two Factor Authentication plugin is a plugin for enhancing the login security of your website. A privilege escalation vulnerability exists in the WordPress Keyy Two Factor Authentication plugin, which can be exploited by an attacker to cause an elevation of privilege, due to a...

8.8CVSS7AI score0.00337EPSS
Exploits0References1
Rows per page
Query Builder