5 matches found
CVE-2025-62425
MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...
CVE-2025-62425
MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...
CVE-2025-59036 Infrahub allows authentication with deleted and expired API tokens
Infrahub offers a central hub to manage data, templates, and playbooks. Prior to versiond 1.3.9 and 1.4.5, a bug in the authentication logic will cause API tokens that were deleted and/or expired to be considered valid. This means that any API token that is associated with an active user account...
CVE-2025-21010
Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account...
UPchieve: CLICKJACKING LEADS TO DEACTIVATE ACCOUNT
Hello UPCHEIVE SECURITY TEAM, I'm Anto Vulnerability : Clickjacking in https://hackers.upchieve.org/profile Steps to Reproduce: 1. Create a HTML file with following code Click the place where its shows Click 1 Click 2 Click 2 2, Save and Open it on your browser the page will be appear. Impact An...