CVE-2026-7112

A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function checkauth of the file gateway/platforms/apiserver.py of the component APISERVERKEY Handler. The manipulation leads to improper authentication. The attack can be initiated remotely. Th...

CVE-2023-39550

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the httppasswd and httpusername parameters in the checkauth function...

CVE-2024-9586

The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'checkauth' and 'checklogout' functions in versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to update plugin settings...

CVE-2023-39550

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the httppasswd and httpusername parameters in the checkauth function...

CVE-2005-4861

functions.php in Ragnarok Online Control Panel ROCP 4.3.4a allows remote attackers to bypass authentication by requesting accountmanage.php with a trailing "/login.php" PHPSELF value, which is not properly handled by the CHECKAUTH function...

CVE-2005-4861

Ragnarok Online Control Panel (ROCP) 4.3.4a is affected by CVE-2005-4861. The vulnerability arises in functions.php where CHECK_AUTH mishandles a trailing "/login.php" in PHP_SELF, allowing remote attackers to bypass authentication when accessing account_manage.php. Reported impact is authenticat...