21 matches found

NVD
added last week, 7 views

CVE-2026-9098

In Casdoor versions 2.362.0 and earlier, the SAML callback handler in controllers/auth.go accepts any well-formed SAMLResponse sent to /api/acs without verifying that it corresponds to an AuthnRequest previously issued by Casdoor. Additionally, if an administrator disables or deletes an IdP...

CVSS 9.1, EPSS 0.00024
Exploits: 0, References: 1

Vulnrichment
added last week, 2 views

CVE-2026-9098

In Casdoor versions 2.362.0 and earlier, the SAML callback handler in controllers/auth.go accepts any well-formed SAMLResponse sent to /api/acs without verifying that it corresponds to an AuthnRequest previously issued by Casdoor. Additionally, if an administrator disables or deletes an IdP...

AI score 5.8, EPSS 0.00024
Exploits: 0, References: 1

Vulnrichment
added 2026/04/10 12:10 p.m., 2 views

CVE-2026-5774 Juju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map

Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...

CVSS 6, AI score 5.8, EPSS 0.00013
Exploits: 1, References: 3

CVE
added 2026/04/10 12:10 p.m., 5 views

CVE-2026-5774

CVE-2026-5774 affects Canonical Juju API server components, where improper synchronization of the userTokens map in Juju 4.0.5, 3.6.20, and 2.9.56 can enable an authenticated user to cause a denial of service or potentially replay a single-use discharge token. Root cause: unsynchronized token map...

CVSS 6.4, AI score 5.8, EPSS 0.00013
Exploits: 1, References: 3, Affected Software: 1

RedhatCVE
added 2026/01/09 9:52 a.m., 2 views

CVE-2020-10045

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An error in the challenge-response procedure could allow an attacker to replay authentication traffic and gain access to protected areas of the web application...

CVSS 8.8, AI score 7, EPSS 0.00331
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2005-0745

Malware in sbrugna...

CVSS 10, AI score 6.4, EPSS 0.00278
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-2510

Malware in sbrugna...

CVSS 8.8, AI score 8.5, EPSS 0.00331
Exploits: 0, References: 2

CVE
added 2025/08/06 2:10 p.m., 9 views

CVE-2025-8616

CVE-2025-8616 affects OpenText OpenText Advanced Authentication (versions up to and including 6.5.0). A malicious browser plugin can record and replay the user authentication process to bypass authentication, representing a replay attack against the login flow. The vulnerability’s root cause is t...

CVSS 6.1, AI score 6.8, EPSS 0.00176
Exploits: 0, References: 1

Cvelist
added 2025/07/08 12:35 a.m., 5 views

CVE-2025-42959 Missing Authentication check after implementation of SAP Security Note 3007182 and 3537476

An unauthenticated attacker may exploit a scenario where a Hashed Message Authentication Code (HMAC) credential, extracted from a system missing specific security patches, is reused in a replay attack against a different system. Even if the target system is fully patched, successful exploitation...

CVSS 8.1, EPSS 0.00216
Exploits: 0, References: 2

OpenVAS
added 2020/09/29 12:00 a.m., 16 views

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2020-2127)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 8.4, EPSS 0.46309
Exploits: 0, References: 2

CNVD
added 2020/07/15 12:00 a.m., 2 views

Siemens SICAM MMU, SGU and T Authentication Bypass Vulnerability

SICAM T is a digital measurement sensor that allows the measurement of power in the non-electrical network in a single unit. SICAM-MMU Measurement and Monitoring Unit is a power monitoring unit that allows the measurement of power in the grid in a single unit. SICAM SGU Discontinued is a Smart Grid...

CVSS 8.8, AI score 7, EPSS 0.00331
Exploits: 0, References: 1

OSV
added 2020/07/14 2:15 p.m., 0 views

CVE-2020-10045

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An error in the challenge-response procedure could allow an attacker to replay authentication traffic and gain access to protected areas of the web application...

CVSS 8.8, AI score 7.2
Exploits: 0, References: 1

Tenable Nessus
added 2019/03/27 12:00 a.m., 12 views

openSUSE Security Update : pam_pkcs11 (openSUSE-2019-838)

This update for pam_pkcs11 fixes the following security issues : - It was possible to replay an authentication by using a specially prepared smartcard or token bsc1105012 - Prevent buffer overflow if a user has a home directory with a length of more than 512 bytes bsc1105012 - Memory not cleaned...

AI score 5.8
Exploits: 0, References: 1

Tenable Nessus
added 2018/10/25 12:00 a.m., 14 views

openSUSE Security Update : pam_pkcs11 (openSUSE-2018-1244)

This update for pam_pkcs11 provides the following fixes : Security issues fixed bsc1105012 : - Fixed a logic bug in pam_pkcs11.c, leading to an authentication replay vulnerability - Fixed a stack-based buffer overflow in opensshmapper.c - Make sure memory is properly cleaned before invoking free...

AI score 5.9
Exploits: 0, References: 2

OPENSUSE Linux
added 2018/10/24 3:08 p.m., 261 views

Security update for pam_pkcs11 (moderate)

This update for pam_pkcs11 provides the following fixes: Security issues fixed bsc1105012: - Fixed a logic bug in pam_pkcs11.c, leading to an authentication replay vulnerability - Fixed a stack-based buffer overflow in opensshmapper.c - Make sure memory is properly cleaned before invoking free Othe...

AI score 1.8
Exploits: 0, References: 2

Tenable Nessus
added 2018/10/24 12:00 a.m., 16 views

SUSE SLED12 / SLES12 Security Update : pam_pkcs11 (SUSE-SU-2018:3311-1)

This update for pam_pkcs11 provides the following fixes : Security issues fixed bsc1105012 : Fixed a logic bug in pam_pkcs11.c, leading to an authentication replay vulnerability Fixed a stack-based buffer overflow in opensshmapper.c Make sure memory is properly cleaned before invoking free Other...

AI score 6
Exploits: 0, References: 3

OSV
added 2018/10/22 1:29 p.m., 2 views

SUSE-SU-2018:3290-1 Security update for pam_pkcs11

This update for pam_pkcs11 fixes the following security issues: - It was possible to replay an authentication by using a specially prepared smartcard or token bsc1105012 - Prevent buffer overflow if a user has a home directory with a length of more than 512 bytes bsc1105012 - Memory not cleaned...

AI score 8
Exploits: 0, References: 2

OSV
added 2018/08/29 9:29 p.m., 0 views

CVE-2018-7790

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a...

CVSS 9.8, AI score 5.8
Exploits: 0, References: 2

Vulnrichment
added 2018/08/29 9:00 p.m., 1 views

CVE-2018-7790

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a...

AI score 7.3, EPSS 0.01531
Exploits: 0, References: 2

OSV
added 2018/07/10 2:29 p.m., 0 views

UBUNTU-CVE-2018-1128

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions...

CVSS 7.5, AI score 6.8, EPSS 0.01038
Exploits: 0, References: 2