2931 matches found
CVE-2025-10772
A vulnerability was identified in huggingface LeRobot up to 0.3.3. Affected by this vulnerability is an unknown functionality of the file lerobot/common/robotdevices/robots/lekiwiremote.py of the component ZeroMQ Socket Handler. The manipulation leads to missing authentication. The attack can onl...
CVE-2025-10772 huggingface LeRobot ZeroMQ Socket lekiwi_remote.py missing authentication
A vulnerability was identified in huggingface LeRobot up to 0.3.3. Affected by this vulnerability is an unknown functionality of the file lerobot/common/robotdevices/robots/lekiwiremote.py of the component ZeroMQ Socket Handler. The manipulation leads to missing authentication. The attack can onl...
PT-2025-38670
Name of the Vulnerable Software and Affected Versions huggingface LeRobot versions up to 0.3.3 Description A vulnerability exists in huggingface LeRobot up to version 0.3.3 related to missing authentication within the ZeroMQ Socket Handler functionality of the file lerobot/common/robot...
CVE-2025-9971
Certain models of Industrial Cellular Gateway developed by Planet Technology have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to manipulate the device via a specific functionality...
CVE-2025-10672 whuan132 AIBattery com.collweb.AIBatteryHelper BatteryXPCService.swift missing authentication
A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affected element is an unknown function of the file AIBatteryHelper/XPC/BatteryXPCService.swift of the component com.collweb.AIBatteryHelper. The manipulation results in missing authentication. The attack requires a local approach...
CVE-2025-10672 whuan132 AIBattery com.collweb.AIBatteryHelper BatteryXPCService.swift missing authentication
A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affected element is an unknown function of the file AIBatteryHelper/XPC/BatteryXPCService.swift of the component com.collweb.AIBatteryHelper. The manipulation results in missing authentication. The attack requires a local approach...
CVE-2025-10672
CVE-2025-10672 affects whuan132 AIBattery up to 1.0.9, with a local authentication bypass in AIBatteryHelper/XPC/BatteryXPCService.swift of the com.collweb.AIBatteryHelper component. The vulnerability allows a local attacker to bypass authentication and potentially compromise confidentiality, int...
PT-2025-38405
Name of the Vulnerable Software and Affected Versions AIBattery versions up to 1.0.9 Description A vulnerability exists in AIBattery that results in missing authentication. The issue is located in an unknown function within the AIBatteryHelper/XPC/BatteryXPCService.swift file of the...
AIBattery 访问控制错误漏洞
AIBattery is a battery management tool for macOS by Wen Personal Developer. An access control error vulnerability exists in AIBattery 1.0.9 and earlier versions, which stems from a lack of authentication in the file AIBatteryHelper/XPC/BatteryXPCService.swift, which could lead to a local attack...
GO-2025-3951 Chaos Mesh's Chaos Controller Manager is Missing Authentication for Critical Function in github.com/chaos-mesh/chaos-mesh
Chaos Mesh's Chaos Controller Manager is Missing Authentication for Critical Function in github.com/chaos-mesh/chaos-mesh. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positiv...
CVE-2025-9971
Certain models of Industrial Cellular Gateway developed by Planet Technology have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to manipulate the device via a specific functionality...
CVE-2025-9971
CVE-2025-9971 concerns Planet Technology’s Industrial Cellular Gateway, where a missing authentication vulnerability allows unauthenticated remote manipulation via a specific functionality. The connected sources describe the root cause as lack of authentication and indicate high impact on confide...
CVE-2025-9971 Planet Technology|Industrial Cellular Gateway - Missing Authentication
Certain models of Industrial Cellular Gateway developed by Planet Technology have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to manipulate the device via a specific functionality...
CVE-2025-9971 Planet Technology|Industrial Cellular Gateway - Missing Authentication
Certain models of Industrial Cellular Gateway developed by Planet Technology have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to manipulate the device via a specific functionality...
CVE-2025-10452
Statistical Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents with high-level privileges...
PT-2025-38125
Name of the Vulnerable Software and Affected Versions: Planet Technology Industrial Cellular Gateway affected versions not specified Description: Certain models of Industrial Cellular Gateway developed by Planet Technology are susceptible to a missing authentication issue. This allows...
Missing Critical Step in Authentication
Overview Affected versions of this package are vulnerable to Missing Critical Step in Authentication during OTP validation. An attacker can gain unauthorized access by reusing a valid time-based one-time password within its validity period. Remediation Upgrade...
CVE-2025-10452
Statistical Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents with high-level privileges...
CVE-2025-10452 Gotac|Statistical Database System - Missing Authentication
Statistical Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents with high-level privileges...
CVE-2025-10452 Gotac|Statistical Database System - Missing Authentication
Statistical Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents with high-level privileges...