Lucene search
K

748 matches found

Cvelist
Cvelist
added 2026/04/03 8:10 p.m.19 views

CVE-2026-35561 Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver

Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...

9.1CVSS0.00473EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/27 12:31 a.m.4 views

EUVD-2026-16452

The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References3
CVE
CVE
added 2026/03/26 9:16 p.m.11 views

CVE-2026-4346

The CVE concerns TP-Link TL-WR850N v3 where credentials (administrative and Wi‑Fi) are stored in cleartext in a region of the device’s flash while the serial interface is enabled and protected by weak authentication. A physical attacker who can access the serial port can recover sensitive data, i...

6.8CVSS5.8AI score0.00124EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.5 views

CVE-2025-62844

A weak authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: QuRouter 2.6.2.007 and later...

7CVSS5.8AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-30969

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...

9.1CVSS5.8AI score0.00381EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.4 views

PT-2026-28644

Name of the Vulnerable Software and Affected Versions TL-WR850N version 3 Description The issue allows for the storage of administrative and Wi-Fi credentials in cleartext within a region of the device’s flash memory. The serial interface remains enabled and is protected by weak authentication. A...

6.8CVSS5.9AI score0.00124EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.10 views

TP-Link TL-WR850N 安全漏洞

The TP-Link TL-WR850N is a WiFi router produced by the TP-Link company. The TP-Link TL-WR850N v3 has a security vulnerability. This vulnerability arises from the fact that, when the serial interface is enabled and under weak authentication protection, management credentials and Wi-Fi credentials...

6.8CVSS5.8AI score0.00124EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/25 6:31 p.m.5 views

EUVD-2026-15843

Weak Authentication vulnerability in PickPlugins User Verification user-verification allows Authentication Abuse.This issue affects User Verification: from n/a through = 2.0.45...

5.8AI score0.00221EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:17 p.m.4 views

CVE-2026-32497

Weak Authentication vulnerability in PickPlugins User Verification user-verification allows Authentication Abuse.This issue affects User Verification: from n/a through = 2.0.45...

5.3CVSS0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.5 views

WordPress plugin User Verification 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00221EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.4 views

Siemens APE1808 Weak Authentication (CVE-2024-48886)

A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1...

9.8CVSS6AI score0.00462EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.13 views

Siemens APE1808 Weak Authentication (CVE-2024-50563)

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker ...

9.8CVSS6AI score0.00557EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/22 11:9 p.m.32 views

CVE-2026-4562 MacCMS Timming API Endpoint Timming.php weak authentication

A security flaw has been discovered in MacCMS 2025.1000.4052. This affects an unknown part of the file application/api/controller/Timming.php of the component Timming API Endpoint. The manipulation results in missing authentication. The attack may be performed from remote. The exploit has been...

7.5CVSS0.00517EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/22 11:9 p.m.3 views

CVE-2026-4562 MacCMS Timming API Endpoint Timming.php weak authentication

A security flaw has been discovered in MacCMS 2025.1000.4052. This affects an unknown part of the file application/api/controller/Timming.php of the component Timming API Endpoint. The manipulation results in missing authentication. The attack may be performed from remote. The exploit has been...

7.5CVSS5.3AI score0.00517EPSS
Exploits0References4
CVE
CVE
added 2026/03/22 11:9 p.m.18 views

CVE-2026-4562

The CVE-2026-4562 entry describes a security flaw in MacCMS version 2025.1000.4052 affecting an unknown part of application/api/controller/Timming.php within the Timming API Endpoint. The vulnerability permits missing authentication, with remote exploitation possible and the exploit publicly rele...

7.5CVSS6.6AI score0.00517EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/20 6:31 p.m.6 views

EUVD-2025-208897

A weak authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: QuRouter 2.6.2.007 and later...

7CVSS5.8AI score0.00197EPSS
Exploits0References2
NVD
NVD
added 2026/03/20 5:16 p.m.7 views

CVE-2025-62844

A weak authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: QuRouter 2.6.2.007 and later...

7CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/03/20 4:21 p.m.50 views

CVE-2025-62844

CVE-2025-62844 describes a weak authentication vulnerability affecting QHora/QuRouter where an attacker with local network access can exploit the issue to obtain sensitive information. According to connected sources, the vulnerability impacts authentication mechanisms and allows confidential data...

7CVSS5.8AI score0.00197EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/20 4:21 p.m.3 views

CVE-2025-62844

A weak authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: QuRouter 2.6.2.007 and later...

7CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/20 4:21 p.m.2 views

CVE-2025-62844 QuRouter

A weak authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: QuRouter 2.6.2.007 and later...

7CVSS5.8AI score0.00197EPSS
Exploits0References1
Rows per page
Query Builder