8 matches found
CVE-2025-55031
Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability was fixed...
CVE-2025-55031
Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects...
CVE-2023-40356 PingOne MFA Integration Kit MFA bypass
PingOne MFA Integration Kit contains a vulnerability related to the Prompt Users to Set Up MFA configuration. Under certain conditions, this configuration could allow for a new MFA device to be paired with a target user account without requiring second-factor authentication from the target’s...
Hitachi FOXMAN-UN Security Vulnerability
Hitachi FOXMAN-UN is a powerful toolset in a comprehensive NMS suite from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi FOXMAN-UN and UNEM, which originates from a malicious user being able to perform an arbitrary number of authentication attempts using different passwor...
Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab
CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...
mx-chain-go 资源管理错误漏洞
mx-chain-go is a go implementation of the MultiversX protocol open-sourced by MultiversX. mx-chain-go suffers from a resource management error vulnerability that stems from the fact that when executing a relay transaction, if the internal transaction fails, it increases the random number of sende...
Design/Logic Flaw
DISPUTED The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service reduction of reputation score by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as...
NETGEAR WiFi Router R6120 Credential Disclosure
A Credential Disclosure vulnerability has been reported in NETGEAR WiFi Router R6120. A remote attacker can exploit this vulnerability by sending a malicious POST request to the vulnerable router. A successful exploitation would allow the attacker to take control of the target account...