CVE-2025-11778

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

CVE-2025-11778

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

CVE-2025-11778 Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

CVE-2025-11778

CVE-2025-11778 affects Circutor SGE-PLC1000/SGE-PLC50 (v0.9.2). The issue is a stack-based buffer overflow in the TACACSPLUS implementation, specifically in the read_packet() function, enabling remote memory corruption. Multiple connected sources corroborate the vulnerability in the same software...

CVE-2025-11778 Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 version v0.9.2, which stems from a stack buffer overflow in the readpacket function of the TACACSPLUS...

EUVD-2025-31035

Malicious code in bioql PyPI...

CVE-2025-20160

A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required...

CVE-2025-20160

Cisco IOS and IOS XE TACACS+ vulnerability (CVE-2025-20160): the TACACS+ implementation fails to properly verify the configured shared secret, enabling unauthenticated remote attackers to read unencrypted TACACS+ messages or bypass authentication. This can lead to exposure of sensitive informatio...

CVE-2025-20160

A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required...

CVE-2025-20160

A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required...

PT-2025-39296

Name of the Vulnerable Software and Affected Versions Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description A flaw exists in the implementation of the TACACS+ protocol that may allow a remote attacker to view sensitive data or bypass authentication. The issue...

Linux Distros Unpatched Vulnerability : CVE-2020-13881

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In support.c in pamtacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used. CVE-2020-13881 Not...

The vulnerability in the implementation of the TACACS+ protocol for the proxy server used by FortiProxy, as well as the local management platform FortiSwitchManager and the operating system FortiOS, allows a perpetrator to bypass authentication procedures and gain access to the device.

The vulnerability of the TACACS+ protocol implementation of the proxy server used to protect FortiProxy against internet attacks, as well as the FortiSwitchManager local management platform and the FortiOS operating system, is related to the absence of authentication for a critical function...

CVE-2023-44037

An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows a remote attacker to obtain sensitive information via the TACACS+ server component...

CVE-2023-44037

An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows a remote attacker to obtain sensitive information via the TACACS+ server component...

CVE-2023-43485

When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2023-20168

A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed...

Cisco NX-OS Software 输入验证错误漏洞

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. Cisco NX-OS Software suffers from an authentication error vulnerability that stems from incorrect input validation when TACACS+ and RADIUS process authentication attempts. ...

PT-2023-4731 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly...