Lucene search
K

4038 matches found

Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.20 views

PT-2026-45746

Improper Authentication in REST API in Collibra Agent, allows a remote unauthenticated attacker to access privileged functionality via exposed '/rest/ endpoints...

5.8AI score0.00442EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.18 views

PT-2026-45851

Name of the Vulnerable Software and Affected Versions sayan365 student-management-system versions prior to 7f3c9ce7d410332335c2affac93a385485051800 Description An issue in multiple endpoints allows for remote manipulation resulting in improper authentication. This occurs within an unknown functio...

7.5CVSS7AI score0.00498EPSS
Exploits0References15
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.4 views

Collibra Agent 安全漏洞

Collibra Agent is an enterprise-level data governance and data quality enforcement component developed by Collibra Corporation. There is a security vulnerability in Collibra Agent, which stems from improper authentication in the REST API. This vulnerability could allow unauthorized remote attacke...

8.2CVSS5.5AI score0.00442EPSS
Exploits0References2
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/02 12:0 a.m.15 views

Linux Kernel Improper Authentication Vulnerability

Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 releaseagent feature...

7.8CVSS7AI score0.05528EPSS
In wildExploits12
ATTACKERKB
ATTACKERKB
added 2026/06/01 8:0 p.m.10 views

CVE-2026-10288

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/01 8:0 p.m.13 views

EUVD-2026-33762

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 8:0 p.m.11 views

CVE-2026-10288 code-projects Hotel and Tourism Reservation System Admin Login login.php password_verify improper authentication

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS6.9AI score0.00496EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/01 8:0 p.m.29 views

CVE-2026-10288 code-projects Hotel and Tourism Reservation System Admin Login login.php password_verify improper authentication

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS0.00496EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/01 4:3 p.m.16 views

CVE-2026-10157

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS5.4AI score0.00419EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.23 views

PT-2026-45553

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launc...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6
CVE
CVE
added 2026/05/31 3:30 a.m.22 views

CVE-2026-10167

CVE-2026-10167 affects the OUSL-GROUP-BrinaryBrains School Student Management System, specifically the MY_Controller component’s Login.php, function sign_auth_cookie. A manipulation of the role argument can lead to improper authentication, with remote exploitation possible. Public exploit exists....

7.5CVSS6.8AI score0.00409EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/31 3:30 a.m.38 views

CVE-2026-10167 OUSL-GROUP-BrinaryBrains School Student Management System MY_Controller Login.php sign_auth_cookie improper authentication

A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function signauthcookie of the file application/controllers/Login.php of the component MYController. Executing a manipulation of the argumen...

7.5CVSS0.00409EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/31 12:30 a.m.9 views

CVE-2026-10157 Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS6.7AI score0.00419EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/31 12:30 a.m.11 views

CVE-2026-10157

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS6.7AI score0.00419EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/31 12:30 a.m.43 views

CVE-2026-10157 Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS0.00419EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/29 8:24 a.m.39 views

CVE-2026-49197 Predator Connect W6x: Improper Authentication

Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails...

10CVSS0.00332EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 8:24 a.m.11 views

CVE-2026-49197 Predator Connect W6x: Improper Authentication

Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails...

10CVSS5.8AI score0.00332EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/28 6:30 p.m.2 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the buildSp function, which fails to set the AudienceURI and does not inspect the WarningInfo.NotInAudience field. An attacker can gain unauthorized access by submitting SAML assertions intended for other...

9.8CVSS6AI score0.00365EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/28 4:50 p.m.13 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication when decoding JSON Web Tokens. An attacker can forge valid tokens by supplying a public key as the secret for the HMAC algorithm when both asymmetric and HMAC algorithms are supported. PoC python from jwt.apijws...

8.8CVSS5.8AI score0.00394EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2026/05/28 3:27 p.m.98 views

Exploit for Improper Authentication in Influxdata Influxdb

LAB 5-CVE-2019-20933 I. SYSTEM ANALYSIS Identify...

9.8CVSS7.6AI score0.30921EPSS
Exploits3
Rows per page
Query Builder