CVE-2025-47708

Cross-Site Request Forgery CSRF vulnerability in Drupal Enterprise MFA - TFA for Drupal allows Cross Site Request Forgery.This issue affects Enterprise MFA - TFA for Drupal: from 0.0.0 before 4.7.0, from 5.0.0 before 5.2.0...

Drupal Enterprise MFA - TFA for Drupal 安全漏洞

Drupal Enterprise MFA - TFA for Drupal is a module plugin in the Drupal content management system for the Drupal community. A security vulnerability exists in Drupal Enterprise MFA - TFA for Drupal versions prior to 5.2.0, which stems from a lack of authorization and may result in forced browsing...

Enterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-055

The module enables you to add second-factor authentication in addition to the default Drupal login. The module doesn't sufficiently protect certain sensitive routes, allowing an attacker to view or modify various TFA-related settings...

Drupal Enterprise MFA - TFA for Drupal module < 4.7.0,5.0.0-5.1.0 - Unauthenticated Broken Access Control vulnerability

Drupal Enterprise MFA - TFA for Drupal module 4.7.0,5.0.0-5.1.0 - Unauthenticated Broken Access Control vulnerability discovered by Juraj Nemec poker10 in WordPress Module Enterprise MFA - TFA for Drupal versions 4.7.0,5.0.0-5.1.0...

SAP BusinessObjects Business Intelligence Platform Improper Authorization (3479478)

The version of SAP BusinessObjects Business Intelligence Platform installed on the remote host is prior to 4.3 SP004 000600 or 4.3 SP005 000000. It is, therefore, affected by a vulnerability as referenced in the 3479478 advisory. - In SAP BusinessObjects Business Intelligence Platform, if Single...

CVE-2024-41730

In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availabilit...

CVE-2024-41730

In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availabilit...

CVE-2024-41730

Summary: CVE-2024-41730 affects SAP BusinessObjects Business Intelligence Platform, specifically versions 4.30 and 4.40 (per Nessus/PTSecurity). When Single Sign-On on Enterprise authentication is enabled, an unauthorised user can obtain a logon token via a REST endpoint, enabling full compromise...

DEBIAN-CVE-2006-7246

NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used...

EMC RSA Authentication Manager Authentication Bypass Vulnerability

EMC RSA Authentication Manager is a centralized binary authentication software from EMC. An authentication bypass vulnerability exists in EMC RSA Authentication Manager. An attacker could use this vulnerability to bypass the authentication mechanism and log in to another user account...