CVE-2026-48983

pamusb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, a symlink race condition exists in per-device and per-user pad directory creation. pamusb uses a check-then-act pattern: it calls lstat to test for existence and then calls mkdir separate...

EUVD-2025-30196

Malicious code in bioql PyPI...

PT-2025-38481

Name of the Vulnerable Software and Affected Versions Dover Fueling Solutions ProGauge MagLink LX4 Devices affected versions not specified Description ProGauge MagLink LX4 devices are susceptible to a time-based issue where they fail to correctly handle Unix time values exceeding a specific point...

openldap: null pointer dereference in ber_memalloc_x function

A vulnerability was found in OpenLDAP, in bermemallocx function, leading to a null pointer dereference. This flaw can result in reduced system memory and cause LDAP authentication failures. The impact is primarily a disruption in authentication processes, which may hinder user access or service...

CVE-2025-3625 Moodle: user dos and name disclosure via idor in moodle mfa email factor revoke action

A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication 2FA...

CVE-2025-3625

Summary of CVE-2025-3625 ( Moodle ) : The connected BIT-MOODLE-2025-3625 entry reports a vulnerability in Moodle described as an IDOR (in the MFA email factor revoke action) that can allow a user to disclose other users’ names and potentially gain access to sensitive information, while also enabl...

AZL-58610 CVE-2025-24912 affecting package wpa_supplicant for versions less than 2.10-3

hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail...

UBUNTU-CVE-2025-24912

hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail...

The vulnerability of the Dovecot mail server, related to incorrect validation of input data, allows attackers to cause failures in the authentication service.

The vulnerability of the Dovecot mail server is related to incorrect validation of input data. Exploiting this vulnerability can allow a remote attacker to cause failures in the authentication service by sending a specially formatted RPA request...

PT-2020-5176 · Dovecot +6 · Dovecot +6

Name of the Vulnerable Software and Affected Versions: Dovecot versions prior to 2.3.11.3 Description: The issue is related to incorrect input validation in the Dovecot mail server, which can be exploited by a remote attacker. This exploitation can lead to a disruption in the authentication servi...

CVE-2016-9221

A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points APs could allow an unauthenticated, adjacent attacker to cause authentication to fail. Affected Products: This vulnerability affects Cisco Mobility...