11895 matches found
CVE-2026-21528
Binding to an unrestricted ip address in Azure IoT SDK allows an unauthorized attacker to disclose information over a network...
GHSA-Q672-HFC7-G833 Apache Druid Vulnerable to Authentication Bypass
Affected Products and Versions Apache Druid Affected Versions: 0.17.0 through 35.x all versions prior to 36.0.0 Prerequisites: druid-basic-security extension enabled LDAP authenticator configured Underlying LDAP server permits anonymous bind ...
Apache Druid Vulnerable to Authentication Bypass
Affected Products and Versions Apache Druid Affected Versions: 0.17.0 through 35.x all versions prior to 36.0.0 Prerequisites: druid-basic-security extension enabled LDAP authenticator configured Underlying LDAP server permits anonymous bind ...
Missing Authentication
Overview org.apache.druid.extensions:druid-basic-security is a basic security package for Apache Druid. Affected versions of this package are vulnerable to Missing Authentication in validateCredentials for LDAP, which does not check passwords for anonymous bind requests. An attacker in possession...
CVE-2026-23906
Affected Products and Versions Apache Druid Affected Versions: 0.17.0 through 35.x all versions prior to 36.0.0 Prerequisites: druid-basic-security extension enabled LDAP authenticator configured Underlying LDAP server permits anonymous bind ...
CVE-2026-23906
Summary (CVE-2026-23906) : Apache Druid versions 0.17.0 through 35.x are affected when using the druid-basic-security extension with LDAP authentication and an LDAP server that allows anonymous bind. The vulnerability arises from improper validation of LDAP authentication responses, where anonymo...
CVE-2026-23906 Apache Druid: Authentication Bypass via LDAP Anonymous Bind
Affected Products and Versions Apache Druid Affected Versions: 0.17.0 through 35.x all versions prior to 36.0.0 Prerequisites: druid-basic-security extension enabled LDAP authenticator configured Underlying LDAP server permits anonymous bind ...
CVE-2026-2186
A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public a...
PT-2026-7281
Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 7.6.0 through 7.6.4 Description An authentication bypass issue exists in Fortinet FortiOS. This flaw may allow an unauthenticated attacker to bypass LDAP authentication for Agentless VPN or Fortinet Single Sign-On FSS...
CVE-2025-13878 affecting package bind for versions less than 9.20.18-1
CVE-2025-13878 affecting package bind for versions less than 9.20.18-1. An upgraded version of the package is available that resolves this issue...
PT-2026-7140
Name of the Vulnerable Software and Affected Versions Apache Druid versions 0.17.0 through 35.x Description An authentication bypass issue exists in Apache Druid when the druid-basic-security extension is enabled with LDAP authentication. If the underlying LDAP server allows anonymous binds, an...
Fedora: Security Advisory (FEDORA-2026-34c921d252)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-2186 Tenda RX3 SetIpMacBind fromSetIpMacBind stack-based overflow
A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public a...
EUVD-2026-5764
A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public a...
CVE-2026-2186 Tenda RX3 SetIpMacBind fromSetIpMacBind stack-based overflow
A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public a...
CVE-2026-2137
A vulnerability has been found in Tenda TX3 up to 16.03.13.11multi. This impacts an unknown function of the file /goform/SetIpMacBind. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...
CVE-2026-2137
A vulnerability has been found in Tenda TX3 up to 16.03.13.11multi. This impacts an unknown function of the file /goform/SetIpMacBind. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...
CVE-2026-2137
This CVE refers to a buffer overflow in Tenda TX3 (up to version 16.03.13.11_multi) involving the /goform/SetIpMacBind function. The vulnerability arises from manipulation of the argument list, enabling a remotely initiated attack. Public disclosure of the exploit is indicated. Affected product i...
CVE-2026-2137
A vulnerability has been found in Tenda TX3 up to 16.03.13.11multi. This impacts an unknown function of the file /goform/SetIpMacBind. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...
CVE-2026-2137 Tenda TX3 SetIpMacBind buffer overflow
A vulnerability has been found in Tenda TX3 up to 16.03.13.11multi. This impacts an unknown function of the file /goform/SetIpMacBind. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...