515 matches found
EUVD-2025-24178
Malicious code in bioql PyPI...
EUVD-2023-38328
Malicious code in bioql PyPI...
EUVD-2022-7763
Malicious code in bioql PyPI...
EUVD-2023-12790
Malicious code in bioql PyPI...
EUVD-2024-52626
Malicious code in bioql PyPI...
EUVD-2025-23457
Malicious code in bioql PyPI...
CVE-2025-11130 iHongRen pptp-vpn XPC Service HelperTool.m shouldAcceptNewConnection missing authentication
A weakness has been identified in iHongRen pptp-vpn 1.0/1.0.1 on macOS. This issue affects the function shouldAcceptNewConnection of the file HelpTool/HelperTool.m of the component XPC Service. This manipulation causes missing authentication. The attack can only be executed locally. The exploit h...
Flag Forge 访问控制错误漏洞
Flag Forge is an easy-to-use CTF platform open-sourced by FlagForge. An access control error vulnerability exists in Flag Forge versions 2.0.0 through prior to 2.3.1, which stems from a lack of proper authentication and authorization in the /api/resources endpoint, which could result in an...
Dover Fueling Solutions多款产品 输入验证错误漏洞
Dover Fueling Solutions MAGLINK LX Console and more are products from Dover Fueling Solutions.The Dover Fueling Solutions MAGLINK LX Console is an integrated console for fuel stations and oil distribution. This console is designed to help manage the various operations of a fuel station, including...
CVE-2025-42926
SAP NetWeaver Application Server Java does not perform an authentication check when an attacker attempts to access internal files within the web application.Upon successfully exploitation, an unauthenticated attacker could access these files to gather additional sensitive information about the...
CVE-2025-42958
CVE-2025-42958 affects the SAP NetWeaver application on IBM i-series. A missing authentication check allows highly privileged, unauthorized users to read, modify, or delete sensitive data and access privileged functionality, impacting confidentiality, integrity, and availability. Evidence from mu...
Connection to Veeam Software Appliance Fails With: "Authentication failed: invalid credentials"
Challenge When attempting to use local account credentials to connect to a Veeam Software Appliance that is joined to a domain, the Console fails to connect with the errror: Authentication failed: invalid credentials Cause This error occurs due to an account collision caused by the...
Improper Authentication
Mattermost Confluence Plugin is vulnerable to improper authentication. The vulnerability is due to the failure to enforce user authentication to the Mattermost instance, which allows an attacker to edit channel subscriptions via an unauthenticated API call...
Linux Distros Unpatched Vulnerability : CVE-2025-24912
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position betwe...
CVE-2025-54478
Summary (CVE-2025-54478): Mattermost Confluence Plugin (versions
CVE-2025-54478 Unauthenticated Channel Subscription Edit in Mattermost Confluence Plugin
Mattermost Confluence Plugin version 1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to edit channel subscriptions via API call to the edit channel subscription endpoint...
Packet Power EMX和Packet Power EG 访问控制错误漏洞
Packet Power EMX and Packet Power EG are both an energy and environmental monitoring software from Packet Power USA. An access control error vulnerability exists in Packet Power EMX and Packet Power EG that stems from a failure to enforce authentication mechanisms, which could lead to unauthorize...
BIT-VAULT-2025-6037 Vault Certificate Auth Method Did Not Validate Common Name For Non-CA Certificates
Vault and Vault Enterprise “Vault” TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as +trusted certificate+|https://developer.hashicorp.com/vault/api-docs/auth/certcertificate. In this configuration, an attacker may be able to...
CVE-2025-54350
In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt...
CVE-2025-54350
In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt...