CVE-2023-52361

The VerifiedBoot module has a vulnerability that may cause authentication errors.Successful exploitation of this vulnerability may affect integrity...

Privilege escalation

The VerifiedBoot module has a vulnerability that may cause authentication errors.Successful exploitation of this vulnerability may affect integrity...

CVE-2023-52361

The CVE-2023-52361 entry corresponds to Huawei HarmonyOS VerifiedBoot module authentication errors. Multiple sources (NVD, CNVD, CNNVD) describe a vulnerability in the VerifiedBoot component that can compromise system integrity (I = High) with no confidentiality or availability impact, and with n...

CVE-2023-52361

The VerifiedBoot module has a vulnerability that may cause authentication errors.Successful exploitation of this vulnerability may affect integrity...

PT-2024-14551 · Unknown · Verifiedboot

Name of the Vulnerable Software and Affected Versions: VerifiedBoot affected versions not specified Description: The VerifiedBoot module has a vulnerability that may cause authentication errors. Successful exploitation of this vulnerability may affect integrity. Recommendations: At the moment,...

The vulnerability of the XWiki Platform, a platform for creating collaborative web applications, related to authentication errors, allows attackers to escalate their privileges.

The vulnerability of the XWiki Platform is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow lies in authentication errors, which allow attackers to modify arbitrary data.

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to authentication errors. Exploiting this vulnerability allows a malicious actor to modify arbitrary data remotely...

The vulnerability of the XWiki Platform, a platform for creating collaborative web applications, related to authentication errors, allows a malicious user to edit any document at will.

The vulnerability of the XWiki Platform relates to authentication errors. Exploiting this vulnerability allows a malicious actor to remotely edit any document they wish...

The vulnerability of the optimization tool for automatic BIOS driver updates, Lenovo Vantage Service, is related to errors in the authentication process. This vulnerability allows a perpetrator to execute arbitrary code with elevated privileges.

The vulnerability of the optimization tool for automatic BIOS driver updates in Lenovo Vantage Service is related to errors in the authentication process. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges...

SEO Panel Security Breach

SEO Panel is an open source panel for managing SEO Search Engine Optimization on websites. A security vulnerability exists in SEO Panel version 4.10.0 that stems from a discrepancy in error messages during user authentication that could allow an attacker to determine if a username is valid, leadi...

GHSA-CHCR-X7HC-8FP8 Devise-Two-Factor vulnerable to brute force attacks

Advisory withdrawn The backing CVE has been rejected Devise-Two-Factor does not throttle or otherwise restrict login attempts at the server by default. When combined with the Time-based One Time Password algorithm's TOTP inherent entropy limitations, it's possible for an attacker to bypass the 2F...

Devise-Two-Factor vulnerable to brute force attacks

Advisory withdrawn The backing CVE has been rejected Devise-Two-Factor does not throttle or otherwise restrict login attempts at the server by default. When combined with the Time-based One Time Password algorithm's TOTP inherent entropy limitations, it's possible for an attacker to bypass the 2F...

Devise-Two-Factor vulnerable to brute force attacks

Devise-Two-Factor does not throttle or otherwise restrict login attempts at the server by default. When combined with the Time-based One Time Password algorithm's TOTP inherent entropy limitations, it's possible for an attacker to bypass the 2FA mechanism through brute-force attacks. Impact If a...

The vulnerability of the PowerShell command interpreter for Windows operating systems allows attackers to exploit it to disclose sensitive information.

The vulnerability of PowerShell command interpreters on Windows operating systems is related to authentication process errors. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information remotely...

PT-2023-7432 · Microsoft +1 · Windows Powershell +1

Name of the Vulnerable Software and Affected Versions: Windows PowerShell affected versions not specified Description: The vulnerability is related to errors in the authentication procedure of the Windows operating system's PowerShell interpreter. Exploitation of this issue may allow a remote...

The vulnerability of the Passkey Handler component in operating systems such as Apple iPadOS, MacOS, and iOS allows a hacker to disclose sensitive information that is protected by this component.

The vulnerability of the Passkey Handler component in Apple’s iPadOS, MacOS, and iOS operating systems is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

The vulnerability of Juniper Networks’ Junos OS routers of the SRX series, related to errors during authentication, allows attackers to circumvent Juniper’s Deep Packet Inspection (JDPI) rules.

The vulnerability of Juniper Networks’ Junos OS routers of the SRX series is related to errors during authentication processes. Exploiting this vulnerability can allow a malicious actor to bypass Juniper’s Deep Packet Inspection JDPI rules...

The vulnerability of the Jenkins Fortify Plugin, related to authentication errors, allows a hacker to gain access to another user’s session.

The vulnerability of the Jenkins Fortify Plugin is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to gain access to another user’s session...

The vulnerability of backup and data recovery software on computers and servers with Acronis Agent, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of backup and data recovery software on computers and servers with Acronis Agent is related to authentication errors. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

The vulnerability of backup and data recovery software on computers and servers with Acronis Agent, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of backup and data recovery software on computers and servers with Acronis Agent is related to authentication errors. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...