34 matches found
EUVD-2017-14523
Malware in sbrugna...
EUVD-2018-16901
Malware in sbrugna...
EUVD-2025-26583
Malicious code in bioql PyPI...
CVE-2025-22422
In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2025-22422
In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2025-22422
In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2025-22422
In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2025-22422
In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2025-22422
In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2025-22422
Technical details for CVE-2025-22422 are not publicly provided in the connected documents. Monitor for updates from referenced sources; current materials describe a logic-error elevation of privilege without detail on affected products or fixes.
PT-2025-35626
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A logic error in the code may mislead a user into approving an authentication prompt for one application when the result is used in another. This could lead to local escalation of privilege without...
ASB-A-339532378
In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...
SUSE CVE-2023-5729
A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack. This vulnerability affects Firefox 119...
SUSE CVE-2023-4641
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from...
Weintek Weincloud 安全漏洞
Weintek Weincloud is a cloud-based monitoring platform from Weintek, Inc. A security vulnerability exists in Weintek Weincloud version v0.13.6, which originates from an attacker who can effectively brute-force an attack on credentials by exploiting an authentication prompt in an error message...
SUSE CVE-2018-5115
If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. Although the prompt contains the real domain making the request, this can result in user confusion about the originating site of the...
CVE-2022-41414
An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through v7.4.2 allows attackers to enumerate usernames, site names, and pages...
May 5, 2020, update for Microsoft Office 2016 (KB4484328)
May 5, 2020, update for Microsoft Office 2016 KB4484328 This article describes update 4484328 for Microsoft Office 2016 that was released on May 5, 2020.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply...
Users Prompted for Credentials on Workspace URLs When Using Federated Authentication Providers
Overview: Users may be prompted for additional authentication when navigating to Citrix Workspace URLS if Workspace is configured to use a federated identity provider. Example: Users may be prompted for Azure AD credentials when Using AAD for Authentication to Citrix Workspace, even if the user h...
RHEL 8 : gvfs (RHSA-2019:1517)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1517 advisory. GVFS is the GNOME Desktop Virtual File System layer that allows users to easily access local and remote data using File Transfer Protocol FTP, Secure...