
42 matches found

EUVD
added 2026/04/16 11:33 p.m. · 1 views

EUVD-2026-23322

Cloud Foundry UAA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...

8.6 CVSS · 5.8 AI score · 0.00016 EPSS
Exploits 0 · References 1
OSV
added 2026/03/23 6:16 p.m. · 1 views

GO-2026-4786 Mattermost fails to validate user's authentication method when processing account auth type switch in github.com/mattermost/mattermost-server

Mattermost fails to validate user's authentication method when processing account auth type switch in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is...

3.5 CVSS · 5.8 AI score · 0.00067 EPSS
Exploits 0 · References 4
RedhatCVE
added 2026/01/09 10:44 a.m. · 4 views

CVE-2022-26562

An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core = 6.30 introduced between 6.30.0 RC1e and 6.30.8 final...

9.8 CVSS · 6.9 AI score · 0.02666 EPSS
Exploits 1 · References 1
CNNVD
added 2025/11/13 12:0 a.m. · 2 views

Jitsi Meet input validation error vulnerability

Jitsi Meet is a set of open source projects from Jitsi Open Source, enabling users to use and deploy a video conferencing platform with state-of-the-art video quality and features. An input validation error vulnerability exists in versions prior to Jitsi Meet 2.0.10532 that stems from a possible...

6.9 CVSS · 6.5 AI score · 0.00159 EPSS
Exploits 0 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2006-1629

Malware in sbrugna...

4.6 CVSS · 6.4 AI score · 0.02422 EPSS
Exploits 0 · References 7
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2018-13778

Malware in sbrugna...

8.8 CVSS · 8.6 AI score · 0.00336 EPSS
Exploits 0 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2021-13431

Malware in sbrugna...

9.8 CVSS · 9.2 AI score · 0.00336 EPSS
Exploits 0 · References 2
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2025-3965

Malicious code in bioql PyPI...

7.1 CVSS · 6.5 AI score · 0.00065 EPSS
Exploits 0 · References 3
Positive Technologies
added 2025/07/31 12:0 a.m. · 2 views

PT-2025-31532 · Undefined · Undefined

An unrestricted file upload vulnerability exists in Kaseya KServer versions prior to 6.3.0.2. The uploadImage.asp endpoint allows unauthenticated users to upload files to arbitrary paths via a crafted filename parameter in a multipart/form-data POST request. Due to the lack of authentication and...

9.3 CVSS · 8.3 AI score · 0.51411 EPSS
Exploits 0 · References 5
RedhatCVE
added 2025/05/22 7:3 p.m. · 7 views

CVE-2021-37100

There is an Improper Authentication vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to account authentication bypassed...

7.5 CVSS · 7.1 AI score · 0.00129 EPSS
Exploits 0 · References 1
CNNVD
added 2025/05/13 12:0 a.m. · 1 views

Cloud Foundry UAA security vulnerability

Cloud Foundry UAA is an authentication and managed service endpoint for the CloudFoundry Cloud Platform from the Cloud Foundry Foundation in the United States. A security vulnerability exists in Cloud Foundry UAA versions 77.21.0 through 7.31.0 that stems from private key exposure in logs...

7.5 CVSS · 6.7 AI score · 0.00185 EPSS
Exploits 0 · References 1
NVD
added 2025/02/11 1:15 a.m. · 3 views

CVE-2025-24868

The User Account and Authentication service UAA for SAP HANA extended application services, advanced model SAP HANA XS advanced model allows an unauthenticated attacker to craft a malicious link, that, when clicked by a victim, redirects the browser to a malicious site due to insufficient redirec...

7.1 CVSS · 0.00065 EPSS
Exploits 0 · References 2
CVE
added 2025/02/11 12:35 a.m. · 37 views

CVE-2025-24868

CVE-2025-24868 relates to SAP HANA XS Advanced (UAA) where an unauthenticated attacker can craft a link that redirects victims’ browsers to a malicious site due to insufficient redirect URL validation. Documented impact is limited to confidentiality, integrity, and availability. Affected componen...

7.1 CVSS · 7 AI score · 0.00065 EPSS
Exploits 0 · References 2
Positive Technologies
added 2025/02/11 12:0 a.m. · 1 views

PT-2025-6128 · Sap · Sap Hana Xs Advanced Model

Name of the Vulnerable Software and Affected Versions: SAP HANA extended application services, advanced model SAP HANA XS advanced model affected versions not specified Description: The User Account and Authentication service UAA for SAP HANA extended application services, advanced model allows a...

7.1 CVSS · 6.9 AI score · 0.00065 EPSS
Exploits 0 · References 8
Cvelist
added 2024/12/10 12:0 a.m. · 7 views

CVE-2024-45494

An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2. Fixed in 7.0.0. The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected...

0.00162 EPSS
Exploits 0 · References 2
NVD
added 2022/06/23 5:15 p.m. · 8 views

CVE-2021-26637

There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device...

9.8 CVSS · 0.00336 EPSS
Exploits 0 · References 1
Prion
added 2022/06/23 5:15 p.m. · 14 views

Design/Logic Flaw

There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device...

7.5 CVSS · 9.4 AI score · 0.00336 EPSS
Exploits 0 · References 1
CNVD
added 2021/12/24 12:0 a.m. · 16 views

Huawei HarmonyOS incorrect authentication vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based distributed operating system. A security vulnerability exists in Huawei HarmonyOS, which stems from a component of the product that does not effectively authenticate users. An attacker could...

7.5 CVSS · 3.5 AI score · 0.00129 EPSS
Exploits 0 · References 1
NVD
added 2021/12/07 5:15 p.m. · 17 views

CVE-2021-37100

There is an Improper Authentication vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to account authentication bypassed...

7.5 CVSS · 0.00129 EPSS
Exploits 0 · References 1
CNNVD
added 2021/09/05 12:0 a.m. · 2 views

Huawei HarmonyOS authorization issue vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based distributed operating system. A security vulnerability exists in Huawei HarmonyOS, which stems from a component of the product that does not effectively authenticate users. An attacker could...

7.5 CVSS · 5.7 AI score · 0.00129 EPSS
Exploits 0 · References 3