39 matches found
EUVD-2026-25871
authd: Primary group ID is incorrectly set to value of UID...
CVE-2025-13471 User Activity Log <= 2.2 - Unauthenticated Limited Arbitrary Option Update
The User Activity Log WordPress plugin through 2.2 does not properly handle failed login attempts in some cases, allowing unauthenticated users to set arbitrary options to 1, for example to enable User Registration when it has been turned off...
PT-2026-5057
The User Activity Log WordPress plugin through 2.2 does not properly handle failed login attempts in some cases, allowing unauthenticated users to set arbitrary options to 1, for example to enable User Registration when it has been turned off...
EUVD-2014-5978
Malware in sbrugna...
EUVD-2010-1013
Malware in sbrugna...
EUVD-2021-0597
Malware in sbrugna...
CVE-2025-54860
CVE-2025-54860 affects Cognex In-Sight Explorer and In-Sight Camera Firmware. The vulnerability stems from improper handling of login failures on a telnet service exposed on TCP port 23, which is used for device management (e.g., firmware upgrades, reboot). Exploitation can lead to a denial-of-se...
OESA-2025-1924 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI. If lpfc_issue_els_flogi fails and returns non-zero status, the node reference count ...
CVE-2021-21338
TYPO3 is an open source PHP-based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that Login Handling is susceptible to open redirection, which allows attackers to redirect to arbitrary content and conduct phishing...
SourceCodester Garbage Collection Management System SQL Injection Vulnerability
SourceCodester Garbage Collection Management System is a SourceCodester open source garbage collection management system. A SQL injection vulnerability exists in SourceCodester Garbage Collection Management System version 1.0, which is caused by improper handling of username/password parameters i...
BIT-TYPO3-2021-21338
TYPO3 is an open source PHP-based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that Login Handling is susceptible to open redirection, which allows attackers to redirect to arbitrary content and conduct phishing...
Overly Restrictive Account Lockout Mechanism
org.keycloak, keycloak-core is vulnerable to Overly Restrictive Account Lockout Mechanism. The vulnerability is due to improper handling of login attempts, which may allow a remote unauthenticated attacker to block other accounts from logging in by exploiting this flaw under certain conditions...
CVE-2022-43620
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the la...
CVE-2023-1294
A vulnerability was found in SourceCodester File Tracker Manager System 1.0. It has been classified as critical. Affected is an unknown function of the file /filemanager/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. It is...
CVE-2022-44788
An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user logs in providing a JSESSIONID cookie that is issued by the server at the first visit, the cookie value is not updated after a successful login...
TYPO3 Open Redirection in Login Handling
TYPO3 CMS v6.2.0-6.2.56, 7.0.0-7.6.50, 8.0.0-8.7.39, 9.0.0-9.5.24, 10.0.0-10.4.13, 11.0.0-11.1.0 are susceptible to open redirects in login handling due to improper validation of the HTTP Host header. No source data...
PT-2022-5532 · D Link · D-Link Dir-1935
Name of the Vulnerable Software and Affected Versions: D-Link DIR-1935 version 1.03 Description: The issue is related to the implementation of the Home Network Administration Protocol HNAP in the D-Link DIR-1935 router's firmware, specifically with the authentication procedure. This allows a remo...
PT-2022-5538 · D Link · D-Link Dir-1935
Name of the Vulnerable Software and Affected Versions: D-Link DIR-1935 version 1.03 Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within the handling of...
SUSE: Security Advisory (SUSE-SU-2019:0643-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2019:0642-1)
The remote host is missing an update for the...