CVE-2026-56299

CVE-2026-56299 (Capgo) affects Capgo prior to 12.128.2. An authentication bypass in the /build/upload/:jobId/* endpoint allows unauthenticated remote attackers to trigger repeated 500 errors by sending OPTIONS requests, bypassing authentication middleware and invoking tusProxy logic with invalid ...

Astra Linux – Vulnerability in cifs-utils

cifs-utils from version 6.14 onwards, with verbose logging, can cause an information leak when a file contains equal sign characters but is not a valid credentials file...

GitLab 代码问题漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. There are code-related vulnerabilities in versions of GitLab CE/EE befo...

PT-2026-34521

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.2 through 18.9.5 GitLab CE/EE versions 18.10 through 18.10.3 GitLab CE/EE versions 18.11 through 18.11.0 Description An issue exists that could allow a user to access Virtual Registries under certain conditions by usin...

EUVD-2019-19171

Malware in sbrugna...

EUVD-2000-1017

Malware in sbrugna...

PT-2025-40862

Name of the Vulnerable Software and Affected Versions Affected versions not specified Description The system logs data from POST requests without validation. Specifically, when a user attempts to log in with incorrect credentials, the request data is logged. It is possible to send excessively lar...

EUVD-2022-52237

Malicious code in bioql PyPI...

EUVD-2022-1912

Malicious code in bioql PyPI...

Fortinet FortiOS和Fortinet FortiProxy 安全漏洞

Fortinet FortiOS and Fortinet FortiProxy are both products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content...

CVE-2024-45526

An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually...

CVE-2022-30285

In Quest KACE Systems Management Appliance SMA through 12.0, a hash collision is possible during authentication. This may allow authentication with invalid credentials...

CVE-2019-6122

A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address...

CVE-2024-33616

Admin authentication can be bypassed with some specific invalid credentials, which allows logging in with an administrative privilege. Sharp Corporation states the telnet feature is implemented on older models only, and is planning to provide the firmware update to remove the feature. As for the...

CVE-2024-33616

Admin authentication can be bypassed with some specific invalid credentials, which allows logging in with an administrative privilege. Sharp Corporation states the telnet feature is implemented on older models only, and is planning to provide the firmware update to remove the feature. As for the...

CVE-2024-33616

CVE-2024-33616 affects Sharp MFPs (Sharp Multi-Function Printers). Reported issue: admin authentication can be bypassed using specific invalid credentials, allowing login with administrative privileges. The telnet feature is noted as present only on older models, with Sharp planning a firmware up...

Server Performance Degradation

OPCFoundation/UA-.NETStandard is vulnerable to Server Performance Degradation. The vulnerability is due to improper handling of requests with invalid credentials, which allows a remote attacker to degrade server performance gradually...

CVE-2024-45526

The CVE affects OPC Foundation OPCFoundation/UA-.NETStandard up to version 1.5.374.78. A remote attacker can send requests with invalid credentials, causing gradual server performance degradation due to improper request handling. A fix is available: upgrade OPCFoundation.NetStandard.Opc.Ua.Core (...

OPCFoundation UA-.NETStandard 安全漏洞

OPCFoundation UA-.NETStandard is a library of the OPCFoundation Foundation. A security vulnerability exists in OPCFoundation UA-.NETStandard version 1.5.374.78 and earlier, which originates from a remote attacker who can send requests with invalid credentials, gradually leading to a degradation o...

Improper Authentication

libfreerdp.so is vulnerable to Improper Authentication. The vulnerability is due to invalid credentials being accepted if the server has configured an invalid SAM file path. The attacker can successfully authenticate with invalid credentials if the SAM file path is incorrect...