CVE-2026-34408

An issue was discovered in Gambio 4.9.2.0 patched in 2024-02 v1.0.0 for GX4 v4.0.0.0 to v4.9.2.0. The password reset function can be bypassed to set arbitrary passwords for arbitrary accounts if the ID is known...

The vulnerability in the web interface for managing microprogramming software in Cisco Analog Telephone Adapter (ATA) Series 190 devices allows a perpetrator to view the passwords of arbitrary users.

The vulnerability in the web interface for managing microprogrammed software devices of Cisco Analog Telephone Adapter ATA series 190 involves the storage of passwords in a recoverable format. Exploiting this vulnerability allows an attacker to view the passwords of arbitrary users...

Logic Flaw Vulnerability in ENLINK CASB Backend Management System

Ltd. specializes in network security product development and sales, is the industry's leading "zero trust" solution provider. A logic flaw exists in the backend management system of ENLINK CASB, which can be exploited by an attacker to cause an arbitrary user password to log into the management...

CVE-2019-11187

Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided...

Pilot Future (Beijing) Technology Co., Ltd. digital campus learning platform has an administrator arbitrary password login vulnerability

Microknowledge Base is to provide a platform for the operation and management of self-resource libraries. An administrator arbitrary password login vulnerability exists in the Digital Campus Learning Platform. The vulnerability stems from a hard-coded or permission judgment business logic...