HCL Sametime 安全漏洞

HCL Sametime is a conference solution developed by the Indian company HCL. HCL Sametime has a security vulnerability, which stems from incomplete server-side verification. This vulnerability could allow attackers to bypass client input checks by sending manipulated HTTP requests directly to the...

Linux Distros Unpatched Vulnerability : CVE-2026-24734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native and Tomcat's FFM port of the Tomcat...

CVE-2025-61220

The incomplete verification mechanism in the AutoBizLine com.mysecondline.app 1.2.91 allows attackers to log in as other users and gain unauthorized access to their personal information...

EUVD-2025-35189

The incomplete verification mechanism in the AutoBizLine com.mysecondline.app 1.2.91 allows attackers to log in as other users and gain unauthorized access to their personal information...

CVE-2025-61220

The incomplete verification mechanism in the AutoBizLine com.mysecondline.app 1.2.91 allows attackers to log in as other users and gain unauthorized access to their personal information...

CVE-2025-61220

The incomplete verification mechanism in the AutoBizLine com.mysecondline.app 1.2.91 allows attackers to log in as other users and gain unauthorized access to their personal information...

CVE-2025-61220

The CVE-2025-61220 entry concerns AutoBizLine, app package com.mysecondline.app, version 1.2.91, where an incomplete verification/authentication mechanism permits an attacker to log in as other users and access their personal information. The Red Hat, ENISA EUVD, CIRCL, NVD, and other feeds corro...

CVE-2025-54628

Vulnerability of incomplete verification information in the communication module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-54628

Vulnerability of incomplete verification information in the communication module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2024-57962

Vulnerability of incomplete verification information in the VPN service module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2023-34164

Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability...

CVE-2023-37238

Vulnerability of apps' permission to access a certain API being incompletely verified in the wireless projection module. Successful exploitation of this vulnerability may affect some wireless projection features...

PT-2023-12610 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns incomplete read and write permission verification in the GPU module. Successful exploitation may affect service confidentiality,...

Double spending risk in L1 Bridge Contract

Lines of code Vulnerability details Impact There is double spending risk in L1 Bridge Contract. The user may call claimFailedDeposit to release their locked fund while they still have token balance in L2 network. Proof of Concept Let us focus on the L1ERC20Bridge.sol /// @dev Withdraw funds from...

CVE-2020-25684

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:replyquery if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query,...

Design/Logic Flaw

In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements if VerifyOptions.Roots equals nil and the installation is on Windows. Thus, X.509 certificate verification is incomplete...

CVE-2020-14039

In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements if VerifyOptions.Roots equals nil and the installation is on Windows. Thus, X.509 certificate verification is incomplete...

Design/Logic Flaw

The modauthldap and modauthldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the isadmin function. This grants remote entities admin-only functionality if their username matches the username of a local admin...