Lucene search
K

4041 matches found

EUVD
EUVD
added 2026/06/02 12:30 a.m.14 views

EUVD-2026-33856

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects the function syncanthropicentryfromcredentialsfile of the file agent/credentialpool.py of the component Credential Pool Synchronization. The manipulation results in improper authentication. The attack...

5.3CVSS5.6AI score0.0014EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.5 views

Collibra Agent 安全漏洞

Collibra Agent is an enterprise-level data governance and data quality enforcement component developed by Collibra Corporation. There is a security vulnerability in Collibra Agent, which stems from improper authentication in the REST API. This vulnerability could allow unauthorized remote attacke...

8.2CVSS5.5AI score0.00442EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

Student-Management-System 授权问题漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a vulnerability in the student-management-system’s authorization mechanism; this vulnerability stems from improper authentication of unknown functions, which may lead to remote attac...

7.5CVSS5.4AI score0.00498EPSS
Exploits0References12
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/02 12:0 a.m.15 views

Linux Kernel Improper Authentication Vulnerability

Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 releaseagent feature...

7.8CVSS7AI score0.05528EPSS
In wildExploits12
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.18 views

PT-2026-45851

Name of the Vulnerable Software and Affected Versions sayan365 student-management-system versions prior to 7f3c9ce7d410332335c2affac93a385485051800 Description An issue in multiple endpoints allows for remote manipulation resulting in improper authentication. This occurs within an unknown functio...

7.5CVSS7AI score0.00498EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.21 views

PT-2026-45746

Improper Authentication in REST API in Collibra Agent, allows a remote unauthenticated attacker to access privileged functionality via exposed '/rest/ endpoints...

5.8AI score0.00442EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/01 8:0 p.m.29 views

CVE-2026-10288 code-projects Hotel and Tourism Reservation System Admin Login login.php password_verify improper authentication

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS0.00496EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 8:0 p.m.10 views

CVE-2026-10288

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/01 8:0 p.m.13 views

EUVD-2026-33762

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 8:0 p.m.11 views

CVE-2026-10288 code-projects Hotel and Tourism Reservation System Admin Login login.php password_verify improper authentication

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS6.9AI score0.00496EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/01 4:3 p.m.16 views

CVE-2026-10157

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS5.4AI score0.00419EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.24 views

PT-2026-45553

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launc...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6
CVE
CVE
added 2026/05/31 3:30 a.m.23 views

CVE-2026-10167

CVE-2026-10167 affects the OUSL-GROUP-BrinaryBrains School Student Management System, specifically the MY_Controller component’s Login.php, function sign_auth_cookie. A manipulation of the role argument can lead to improper authentication, with remote exploitation possible. Public exploit exists....

7.5CVSS6.8AI score0.00409EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/31 3:30 a.m.40 views

CVE-2026-10167 OUSL-GROUP-BrinaryBrains School Student Management System MY_Controller Login.php sign_auth_cookie improper authentication

A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function signauthcookie of the file application/controllers/Login.php of the component MYController. Executing a manipulation of the argumen...

7.5CVSS0.00409EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/31 12:30 a.m.9 views

CVE-2026-10157 Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS6.7AI score0.00419EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/31 12:30 a.m.11 views

CVE-2026-10157

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS6.7AI score0.00419EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/31 12:30 a.m.44 views

CVE-2026-10157 Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS0.00419EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/29 8:24 a.m.11 views

CVE-2026-49197 Predator Connect W6x: Improper Authentication

Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails...

10CVSS5.8AI score0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 8:24 a.m.41 views

CVE-2026-49197 Predator Connect W6x: Improper Authentication

Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails...

10CVSS0.00332EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/28 6:30 p.m.5 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication via the buildSpCertificateStore function. An attacker can gain unauthorized access by supplying a malicious signing certificate in the SAMLResponse, which is accepted instead of the trusted pre-configured Identit...

9.3CVSS6AI score0.00201EPSS
Exploits0References2
Rows per page
Query Builder