408 matches found
GNOME Remote desktop 安全漏洞
GNOME Remote desktop is a remote desktop software from GNOME open source. A security vulnerability exists in GNOME Remote desktop that stems from insufficient authentication of the session agent, resulting in the system RDP TLS certificates and keys being potentially exposed to unauthorized users...
Knowbe4 Phish Alert Button 安全漏洞
Knowbe4 Phish Alert Button is an application from Knowbe4, Inc. A security vulnerability exists in Knowbe4 Phish Alert Button, which stems from insufficient domain authentication and could lead to remote code execution by Outlook PAB via DNS spoofing...
PT-2024-7445 · Samsung · Samsung Android
Name of the Vulnerable Software and Affected Versions: Samsung Android mobile devices affected versions not specified Samsung Android mobile devices versions prior to SMR May-2024 Release 1 Description: The issue is related to weaknesses in the authentication procedure of the bootloader component...
The vulnerability of the wpa_check_authentication() function in the Analytify plugin of the WordPress content management system allows a hacker to modify the Google Analytics tracking identifier of the website.
The vulnerability of the wpacheckauthentication function in the Analytify plugin of the WordPress content management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to modify the Google Analytics tracking identifier of t...
The vulnerability of the Open vSwitch (OvS) multi-level switch lies in insufficient data authentication, which allows attackers to redirect ICMPv6 traffic to arbitrary IP addresses.
The vulnerability of the Open vSwitch OvS multi-level switch lies in insufficient verification of data authenticity. Exploiting this vulnerability allows an attacker to redirect ICMPv6 traffic to arbitrary IP addresses...
The vulnerability of the NTPSyncWithHost function in TOTOLINK EX200 router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the NTPSyncWithHost function in TOTOLINK EX200 router microprogramming software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the hostTime parameter...
WordPress SP Project & Document Manage plugin <= 4.71 - Auth. SQL Injection vulnerability
Auth. SQL Injection vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin SP Project & Document Manager versions = 4.71...
PT-2024-3358 · Netcat · Netcat
Name of the Vulnerable Software and Affected Versions: Netcat affected versions not specified Description: The issue is related to weaknesses in the authentication mechanism of the Netcat CMS system. Exploitation of this issue may allow a remote attacker to gain access to protected information...
The vulnerability of Zoom’s video conferencing software, related to deficiencies in authentication procedures, allows attackers to disclose protected information.
The vulnerability of Zoom, a video conferencing software, is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to disclose protected information...
The vulnerability of the SSH library wolfSSH, related to deficiencies in authentication procedures, allows attackers to circumvent existing security restrictions.
The vulnerability of the SSH library wolfSSH is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...
The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to deficiencies in the authentication mechanism, allows a hacker to register arbitrary users in the system.
The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to register arbitrary users in the...
PT-2024-5662 · Korenix · Korenix Jetport +1
Name of the Vulnerable Software and Affected Versions: Korenix JetPort versions 1.2 and earlier Korenix JetPort 5601v3 versions through 1.2 Description: The issue is related to weaknesses in the authentication procedure of the Korenix JetPort serial device server. It may allow a remote attacker t...
The vulnerability of the Siemens Siveillance Control software for video surveillance and security systems, related to authentication mechanisms that lack sufficient protection, allows attackers to gain access to objects for which they only have read-only rights.
The vulnerability of the Siemens Siveillance Control software for video surveillance and security systems is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an intruder to gain access to objects for which they only have read-only permissions...
The vulnerability of the Podlove Web Player plugin in the WordPress content management system, related to deficiencies in the authentication process, allows attackers to compromise the integrity and confidentiality of protected information.
The vulnerability of the Podlove Web Player plugin in the WordPress content management system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to compromise the integrity and confidentiality of the protected information...
PT-2024-6652 · Adobe · Coldfusion
Name of the Vulnerable Software and Affected Versions: ColdFusion versions 2023.6, 2021.12 and earlier Description: The issue is related to weaknesses in the authentication procedure of the ColdFusion platform. This can be exploited by a remote attacker to gain unauthorized access and escalate...
PT-2024-2048 · Aruba · Arubaos
Name of the Vulnerable Software and Affected Versions: ArubaOS affected versions not specified Description: The issue is related to certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKE AUTH negotiation process. The scenarios in which disclosure...
The vulnerability of the BMC implementation for Intel Server Product OpenBMC-based servers stems from deficiencies in the authentication process, allowing attackers to escalate their privileges.
The vulnerability of the BMC implementation for Intel Server Product OpenBMC-based servers is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the LoginWindow component in the macOS operating system, which allows a hacker to disclose protected information
The vulnerability of the LoginWindow component in the macOS operating system is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to disclose sensitive information that is protected by security measures...
The vulnerability of microprogrammed software in Rosemount GC370XA, GC700XA, and GC1500XA gas chromatographs is caused by deficiencies in the authentication process, which allows unauthorized access to confidential information or causes service failures.
The vulnerability of microprogrammed software in Rosemount GC370XA, GC700XA, and GC1500XA gas chromatographs is related to deficiencies in the authentication process. Exploiting this vulnerability can allow unauthorized individuals to access confidential information or cause service failures...
PT-2024-1781 · Intel · Openbmc
Name of the Vulnerable Software and Affected Versions: Intel Server Product OpenBMC versions prior to egs-1.09 Description: The issue is related to improper authentication in the OpenBMC firmware, which may allow an authenticated user to escalate their privileges via local access. This is due to...