CVE-2022-41545

The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 and possibly others authenticates users via basic authentication, with an HTTP header containing a base64 value of the plaintext username and password. Because the web server also does not utilize transpor...

CVE-2025-0896

Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker...

SUSE CVE-2025-25184

Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-concept demonstrates injecting malicious conten...

CVE-2025-0896

Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker...

DEBIAN-CVE-2025-0896

Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker...

UBUNTU-CVE-2025-0896

Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker...

CVE-2025-0896

CVE-2025-0896 affects Orthanc server prior to version 1.5.8. The root cause is that basic authentication is not enabled by default when remote access is enabled, which can lead to unauthorized access. CVSS metrics shown in the public data indicate CRITICAL impact across confidentiality, integrity...

CVE-2025-0896

Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker...

Orthanc 访问控制错误漏洞

Orthanc is a free and open source software from Orthanc. An access control error vulnerability exists in Orthanc versions prior to 1.5.8 that stems from not enabling basic authentication by default when enabling remote access...

DEBIAN-CVE-2025-25184

Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-concept demonstrates injecting malicious conten...

UBUNTU-CVE-2025-25184

Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-concept demonstrates injecting malicious conten...

SUSE CVE-2025-24355

Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...

GHSA-V34R-VJ4R-38J6 Updatecli exposes Maven credentials in console output

Summary Private maven repository credentials leaked in application logs in case of unsuccessful retrieval operation. Details During the execution of an updatecli pipeline which contains a maven source configured with basic auth credentials, the credentials are being leaked in the application...

PT-2025-5338 · Updatecli +2 · Updatecli +2

Name of the Vulnerable Software and Affected Versions: Updatecli versions prior to 0.93.0 Description: The issue concerns the leakage of private Maven repository credentials in application logs when an updatecli pipeline execution fails. This occurs when the pipeline contains a maven source...

CVE-2024-13291

Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful Browsing.This issue affects Basic HTTP Authentication: from 7.X-1.0 before 7.X-1.4...

PT-2026-20548

Name of the Vulnerable Software and Affected Versions Orthanc versions prior to 1.12.10 Description An authorisation logic flaw exists in the HTTP Basic Authentication implementation of Orthanc. Successful exploitation could lead to privilege escalation, potentially granting full administrative...

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment allows a perpetrator to circumvent existing security restrictions.

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a malicious actor to circumvent existing security restrictions remotely...

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...