EUVD-2026-23519

xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX graphics dynamic virtual channel implementation due to insufficient validation of client-controlled size parameters, allowing an out-of-bounds write via crafted PDUs. Pre-authentication...

CVE-2025-70231

D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting in a path traversal vulnerability...

CVE-2025-70231

D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting in a path traversal vulnerability...

PT-2026-23471

Name of the Vulnerable Software and Affected Versions D-Link DIR-513 version 1.10 Description The D-Link DIR-513 version 1.10 device has a flaw where it doesn't properly check the FILECODE parameter when handling POST requests to the /goform/formLogin endpoint. This allows for a path traversal...

CVE-2025-70222

CVE-2025-70222 affects D-Link DIR-513 v1.10. A stack buffer overflow is triggered via the curTime parameter in the /goform/formLogin and /goform/getAuthCode endpoints. The vulnerability is characterized as a network-accessible issue with high impact to confidentiality, integrity, and availability...

CVE-2025-68948

SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and prior, the SiYuan Note application utilizes a hardcoded cryptographic secret for its session store. This unsafe practice renders the session encryption ineffective. Since the sensitive AccessAuthCode ...

CVE-2025-68948 SiYuan: Information Disclosure and Authentication Bypass via Hardcoded Session Secret

SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and prior, the SiYuan Note application utilizes a hardcoded cryptographic secret for its session store. This unsafe practice renders the session encryption ineffective. Since the sensitive AccessAuthCode ...

EUVD-2020-27967

Malware in sbrugna...

PT-2025-34875 · Totolink · Totolink T10

Name of the Vulnerable Software and Affected Versions: TOTOLINK T10 version 4.1.8cu.5241 B20210927 Description: A vulnerability exists in TOTOLINK T10 version 4.1.8cu.5241 B20210927 related to improper authentication. The issue is located in the /formLoginAuth.htm file and involves the manipulati...

CVE-2025-7382

A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to adjacent attackers achieving pre-auth code execution on High Availability HA auxiliary devices, if OTP authentication for the admin user is enabled...

CVE-2025-7382

A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to adjacent attackers achieving pre-auth code execution on High Availability HA auxiliary devices, if OTP authentication for the admin user is enabled...

CVE-2025-7382

Summary (CVE-2025-7382) : A command-injection vulnerability exists in the WebAdmin component of Sophos Firewall versions older than 21.0 MR2 (21.0.2). If OTP authentication for the admin user is enabled, adjacent attackers can achieve pre-auth code execution on High Availability (HA) auxiliary de...

PT-2024-9755

Name of the Vulnerable Software and Affected Versions Sophos Firewall versions prior to 21.0 MR1 21.0.1 Description A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely. The issue is related to incorrect code generation management. This...

PT-2023-31620 · Unknown · Yii2-Authclient

Name of the Vulnerable Software and Affected Versions: yii2-authclient versions prior to 2.2.15 Description: The Oauth2 PKCE implementation in yii2-authclient is vulnerable in two ways. First, the authCodeVerifier should be removed after usage, similar to authState. Second, there is a risk for a...

CVE-2022-3696

The CVE-2022-3696 entry describes a post-auth code-injection vulnerability in Sophos Firewall Webadmin, affecting releases prior to 19.5 GA. The issue allows an administrator to execute code via the Webadmin interface with high impact (code execution, confidentiality/ integrity/ availability impa...

CVE-2022-25825

Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows attackers to access to the authcode for sign-in...

Privilege Escalation

firefox is vulnerable to privilege escalation. A malicious extension is able to call browser.identity.launchWebAuthFlow and control the redirecturi. Subsequently, the Auth code can be retrieved and access to user's account is obtained...

CVE-2020-6823

A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirecturi, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox 75...

Code injection

A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirecturi, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox 75...

CVE-2020-6823

A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirecturi, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox 75...