262 matches found
EUVD-2014-8150
Malware in sbrugna...
CVE-2025-55068
Dover Fueling Solutions ProGauge MagLink LX4 Devices fail to handle Unix time values beyond a certain point. An attacker can manually change the system time to exploit this limitation, potentially causing errors in authentication and leading to a denial-of-service condition...
CVE-2025-55068 Dover Fueling Solutions ProGauge MagLink LX4 Devices Integer Overflow or Wraparound
Dover Fueling Solutions ProGauge MagLink LX4 Devices fail to handle Unix time values beyond a certain point. An attacker can manually change the system time to exploit this limitation, potentially causing errors in authentication and leading to a denial-of-service condition...
USN-7705-1 tomcat10 vulnerabilities
It was discovered that Tomcat did not correctly handle case sensitivity. An attacker could possibly use this issue to bypass authentication mechanisms. (CVE-2025-46701) Elysee Franchuk discovered that Tomcat did not correctly limit the number of attributes for a session. An attacker could possibly...
A vulnerability in the Managed Configuration component of macOS operating systems allows attackers to escalate their privileges.
A vulnerability in the Managed Configuration component of macOS operating systems is related to errors in the authentication process. Exploiting this vulnerability can allow a remote attacker to escalate their privileges...
A vulnerability in the MFlash secure data exchange platform, related to authentication errors, allows attackers to escalate their privileges.
A vulnerability in the MFlash secure data exchange platform is related to authentication errors. Exploiting this vulnerability allows a malicious actor to escalate their privileges and use the file storage system beyond its architectural limitations by intercepting API responses...
A vulnerability in Zoom’s video conferencing software, related to errors in the authentication process, allows an attacker to gain unauthorized access to protected information.
A vulnerability in Zoom’s video conferencing software is related to errors in the authentication process for verifying certificate authenticity. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...
A vulnerability in the implementation of the SMB protocol in Microsoft Windows operating systems allows an attacker to perform a spoofing attack.
A vulnerability in the SMB protocol implementation in Microsoft Windows is related to errors in the authentication process. Exploiting this vulnerability allows a remote attacker to perform a spoofing attack...
A vulnerability in the Dell ECS storage platform, related to errors in the authentication process, allows an attacker to gain unauthorized access to protected information.
A vulnerability in the Dell ECS storage platform is related to errors in the certificate validation process. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...
CVE-2024-11084
Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists...
A vulnerability in the Samba networking communication package, related to authentication errors, allows an attacker to gain access to confidential data.
A vulnerability in the Samba networking communication package is related to authentication errors. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data...
CVE-2025-26485
A vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts depending on whether a wrong password or a non-existent user was supplied. The difference in the returned error messages could be used by attackers to understand whether a certain user is...
A vulnerability in the QNAP network device support automation system is related to errors in the authentication process. This error allows a malicious user to gain unauthorized access to the device.
A vulnerability in the QNAP network device support automation system is related to errors in the authentication process for certificates. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to the device...
Vulnerabilities in Mozilla Firefox, Firefox ESR, and the email clients Thunderbird and Thunderbird ESR are related to authentication process errors. These errors allow attackers to compromise the confidentiality, integrity, and availability of protected information.
Vulnerabilities in Mozilla Firefox, Firefox ESR, and the email clients Thunderbird and Thunderbird ESR are related to authentication process errors. Exploiting these vulnerabilities can allow an attacker to compromise the confidentiality, integrity, and availability of protected information...
A vulnerability in the web server of the firmware of SIMATIC S7-1200 programmable logic controllers allows attackers to perform spoofing attacks.
A vulnerability in the web server of the firmware of SIMATIC S7-1200 programmable logic controllers is related to errors in authenticating certificates. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Symfony vulnerabilities (USN-7272-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7272-1 advisory. Soner Sayakci discovered that Symfony incorrectly handled cookie storage in the web cache. An attacker could possibly use this...
ROS-20250121-11
A vulnerability in the QTextLayout component of the cross-platform software development framework Qt is related to buffer copying without input validation. Exploitation of the vulnerability allows a remote attacker to cause a denial of service using a specially crafted SVG file A...
A vulnerability in the Lenovo Accessories and Display Manager (LADM) software and the Lenovo Display Control Center (LDCC) display management and configuration software is related to errors in the authentication process and allows an attacker to execute arbitrary code.
Vulnerabilities in the Lenovo Accessories and Display Manager (LADM) software for managing accessories and displays, as well as the Lenovo Display Control Center (LDCC) software for controlling and configuring displays, are related to errors in the certificate validation process. Exploiting these...