50 matches found
PT-2026-46765
Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Low...
CVE-2025-14510
Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX.This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120...
GO-2026-4275 Mattermost with Jira plugin enabled has Incorrect Implementation of Authentication Algorithm in github.com/mattermost/mattermost-plugin-jira
Mattermost with Jira plugin enabled has Incorrect Implementation of Authentication Algorithm in github.com/mattermost/mattermost-plugin-jira. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is...
EUVD-2025-9570
Malicious code in bioql PyPI...
CVE-2023-38335
Omnis Studio 10.22.00 has incorrect access control. It advertises a feature for making Omnis libraries "always private" - this is supposed to be an irreversible operation. However, due to implementation issues, "always private" Omnis libraries can be opened by the Omnis Studio browser by bypassin...
GO-2025-3610 Mattermost vulnerable to Incorrect Implementation of Authentication Algorithm in github.com/mattermost/mattermost-server
Mattermost vulnerable to Incorrect Implementation of Authentication Algorithm in github.com/mattermost/mattermost-server...
Google Chrome Incorrectly Implemented Vulnerability
Google Chrome is a WEB browser developed by Google Inc. Google Chrome suffers from an incorrect implementation vulnerability, no details of the vulnerability are provided at this time...
Google Chrome 安全漏洞
Google Chrome is a WEB browser developed by Google Inc. Google Chrome suffers from an incorrect implementation vulnerability, no details of the vulnerability are provided at this time...
Google Chrome Browser UI Incorrectly Implemented Vulnerability
Google Chrome is a WEB browser developed by Google Inc. An incorrect implementation vulnerability exists in the Google Chrome Browser UI. An attacker can exploit this vulnerability to submit a special web request to perform UI spoofing...
The vulnerability of the Multi-Factor Authentication component of the pgAdmin database management tool allows a malicious individual to gain unauthorized access to the application and execute arbitrary SQL code.
The vulnerability of the Multi-Factor Authentication component of the pgAdmin database management tool exists due to incorrect implementation of multi-factor authentication. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the application and execute arbitrary SQ...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google USA. Google Pixel suffers from a security vulnerability that stems from the fact that an incorrect implementation may lead to the generation of weak RSA key pairs, resulting in a cryptographic vulnerability...
CVE-2024-9999 Multi-Factor Authentication Bypass in Progress WS_FTP Server
In WSFTP Server versions before 8.8.9 2022.0.9, an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only...
ROS-20240826-12
Vulnerability of Ruby programming language components rfc2396parser.rb and rfc3986parser.rb is related to incorrect implementation of processing invalid URLs. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service Vulnerability in the URI component of th...
CVE-2024-5483
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to incorrect implementation of getitemspermissionscheck function. This makes it possible for unauthenticated attackers to extract basic...
CVE-2024-5483 LearnPress – WordPress LMS Plugin <= 4.2.6.8 - Basic Information Disclosure via JSON API
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to incorrect implementation of getitemspermissionscheck function. This makes it possible for unauthenticated attackers to extract basic...
CVE-2023-44420
CVE-2023-44420 affects D-Link DIR-X3260 routers via prog.cgi, where an incorrect implementation of the authentication algorithm allows network-adjacent attackers to bypass authentication. The flaw is tied to the prog.cgi executable, enabling full device access without credentials. Reported by ZDI...
CVE-2023-5627
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service...
CVE-2023-5627 Incorrect Implementation of Authentication Algorithm Vulnerability
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service...
CVE-2023-5627 Incorrect Implementation of Authentication Algorithm Vulnerability
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service...
Incorrect Order of Operations in nukeFromOrbit Function
Lines of code Vulnerability details Impact the nukeFromOrbit function, the nonReentrant modifier is correctly applied. This means that the function cannot be reentered while it is already being executed the problem is that The blockAccountstate, accountAddress function is called before...