17 matches found
EUVD-2021-23378
Malware in sbrugna...
EUVD-2018-20467
Malware in sbrugna...
PT-2025-29301 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The provided descriptions indicate an authentication bypass issue. The reason for rejection is stated as 'Not used'. Recommendations: At the moment, there is no information about a newer...
CVE-2022-32429
An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution...
CVE-2021-29441
Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when configured to use authentication (-Dnacos.core.auth.enabled=true), Nacos uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor...
CVE-2024-56325
Authentication Bypass Issue: If the path does not contain "/" and contains ".", authentication is not required. Expected Normal Request and Response Example: curl -X POST -H "Content-Type: application/json" -d...
CVE-2025-25055
Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4.0.0, which may lead to user impersonation. If exploited, restricted file contents may be accessed...
CVE-2024-12111 Potential LDAP injection vulnerability in OpenText Privileged Access Manager
In a specific scenario, an LDAP user can abuse the authentication process using an injection attack in OpenText Privileged Access Manager that allows authentication bypass. This issue affects Privileged Access Manager version 23.34.4; 24.34.5...
Apache Tomcat 10.1.27 < 10.1.31 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 10.1.31. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_10.1.31_security-10 advisory. - Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the...
CVE-2023-41081
Important: Authentication Bypass CVE-2023-41081. The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, mod_jk would use an...
SUSE-SU-2022:2154-1 Security update for salt
This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could lead to authentication bypass when using PAM (bsc#1200566)...
PT-2022-11232 · Reolink · Reolink Rlc-410W
Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: An authentication bypass issue exists in the cgiserver.cgi Login functionality. A specially-crafted HTTP request can lead to authentication bypass, allowing an attacker to send an HTTP...
Authentication flaw
When attempting to allow authentication mode "try" in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication...
AlienVault OSSIM/USM < 5.3.1 - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "AlienVault OSSIM/USM Remote Code Execution", 'Description' = %q This module exploits object injection, authentication bypass an...
DUO-PSA-2014-003: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2014-003 Publication Date: 2014-01-27 Status: Confirmed, Fixed Document Revision: 2 Overview Duo Security has identified an issue in which it is possible to bypass second factor authentication of Remote Desktop Protocol RDP integrations which are...
DUO-PSA-2014-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2014-001 Publication Date: 2014-01-08 Status: Confirmed, Fixed Document Revision: 2 Overview Older versions of the Duo Security Outlook Web Access OWA integration may be vulnerable to a bypass of the second authentication factor. Description Unde...
Authentix Security Advisory
Security advisory: Authentix100 Release Date: 1 November 2000 Vendor: Flicks Software http://www.flicks.com Product Description Authentix is a Windows-based product that offers cookie/form-based or 100 cookie-free "Basic Authentication" website protection while keeping NT Users Names and Password...