CVE-2026-37525

AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The onsupervisioncall function in src/afb-supervision.c explicitly nullifies the request credentials by calling afbcontextchangecred&xreq-context, NULL before...

CVE-2026-37525

AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The onsupervisioncall function in src/afb-supervision.c explicitly nullifies the request credentials by calling afbcontextchangecred&xreq-;context, NULL before...

CVE-2026-37525

AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The onsupervisioncall function in src/afb-supervision.c explicitly nullifies the request credentials by calling afbcontextchangecred&xreq-context, NULL before...

CVE-2026-37525

The CVE-2026-37525 entry concerns the AGL app-framework-binder (afb-daemon) up to v19.90.0. The vulnerability resides in the supervision Do command: the on_supervision_call path explicitly_nullifies credentials via afb_context_change_cred(&xreq->context, NULL) before dispatching an attacker-co...

CVE-2026-37525

AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The onsupervisioncall function in src/afb-supervision.c explicitly nullifies the request credentials by calling afbcontextchangecred&xreq-context, NULL before...

PT-2026-36503

Name of the Vulnerable Software and Affected Versions AGL app-framework-binder afb-daemon versions prior to 19.90.1 Description A privilege escalation issue exists in the supervision Do command. The on supervision call function in src/afb-supervision.c nullifies request credentials by calling afb...

EUVD-2026-26681

AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The onsupervisioncall function in src/afb-supervision.c explicitly nullifies the request credentials by calling afbcontextchangecred&xreq-context, NULL before...

Jinan USR IOT USR-W610 安全漏洞

Jinan USR IOT USR-W610 is a serial-to-Ethernet converter produced by the Jinan USR IOT company. There is a security vulnerability in the Jinan USR IOT USR-W610; this vulnerability stems from allowing administrator username and password values to be set to null, which may allow unauthenticated...

Information Disclosure

catalina is vulnerable to information disclosure attacks. The vulnerability exists as user enumeration is possible throug the FORM authentication as it does not check if credentials is null...

Computer Associates Products Message Engine RPC Server Multiple Buffer Overflow Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/20365/info Multiple Computer Associates products are prone to multiple buffer-overflow vulnerabilities because the applications using an affected library fail to properly bounds-check user-supplied input before copying it...

CVE-1999-1001

Cisco Cache Engine allows a remote attacker to gain access via a null username and password...

CVE-1999-1001

Cisco Cache Engine allows a remote attacker to gain access via a null username and password...

PT-1999-1520 · Cisco · Cisco Cache Engine

Name of the Vulnerable Software and Affected Versions: Cisco Cache Engine affected versions not specified Description: The issue allows a remote attacker to gain access via a null username and password. Recommendations: At the moment, there is no information about a newer version that contains a...

Linux FTP Server Backdoor Detection

There is a backdoor in the old FTP daemons of Linux that allows remote users to log in as 'NULL' with password 'NULL'. These credentials provide root access. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10080; scriptversion "1.27"; scriptcvsdate"Date: 2018/06/13...