EUVD-2019-14740
Malware in sbrugna...
EUVD-2019-14711
Malware in sbrugna...
Authentication Bypass
com.linecorp.armeria: armeria-saml is vulnerable to Authentication Bypass. The vulnerability is due to improper filtering of SAML messages, allowing attackers to craft malicious messages to bypass authentication functionality...
Buffer overflow
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in Authentication functionality in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2019-5135
An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management (WBM) web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt function which can be exploited to disclose hashed user credentials. This affec...
CVE-2019-5134
An exploitable regular expression without anchors vulnerability exists in the Web-Based Management (WBM) authentication functionality of WAGO PFC200 versions 03.00.3912 and 03.01.0713, and WAGO PFC100 version 03.00.3912. A specially crafted authentication request can bypass regular expression...
CVE-2018-4069
An information disclosure vulnerability exists in the ACEManager authentication functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The ACEManager authentication functionality is done in plaintext XML to the web server. An attacker can listen to network traffic upstream from the device to...
CVE-2017-2834
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle...
CVE-2016-4351
SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption Gateway (TMEEG) 5.5 before build 1107 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Buffer overflow
Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a...
CVE-2009-2754
CVE-2009-2754 relates to a stack-based buffer overflow in librpc.dll’s authentication for the Portmapper service (portmap.exe) used by IBM Informix Dynamic Server (IDS) 10.x prior to 10.00.TC9 and 11.x prior to 11.10.TC3, and EMC Legato NetWorker. The issue is triggered by a crafted parameter siz...