
14 matches found

Source: Cvelist
added 2 days ago

CVE-2026-36609

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-based password encoding securityEncode function, this allows an attacker to reverse captured authentication...

EPSS 0.0003
Exploits 0 · References 1
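The entry above says two things combine: the nonce handed to the client is static, and the password is encoded with a reversible XOR step. The model below is an added example, not the router's firmware or its securityEncode function (whose key material is not on the page); it assumes a hypothetical XOR-with-nonce encoding and ignores the per-source-IP binding the advisory mentions. It shows that a static nonce makes a captured login replayable, that the XOR step hands the observer the password even when the nonce is fresh, and that an HMAC challenge-response over a random nonce (an assumed hardened design, not a vendor fix) resists the replay.

```python
import hashlib
import hmac
import os

# Constructed demo password; nothing here is the router's real code or key material.
PASSWORD = b"hunter2!"


def xor_encode(password: bytes, nonce: bytes) -> bytes:
    """Hypothetical stand-in for the firmware's securityEncode: XOR the password
    with the nonce repeated to the password's length. The real keystream is not
    on the page; the example only relies on XOR being its own inverse."""
    return bytes(b ^ nonce[i % len(nonce)] for i, b in enumerate(password))


class XorLoginServer:
    """Login endpoint that hands out a nonce and expects xor_encode(password, nonce)."""

    FIXED_NONCE = b"\x13\x37\xc0\xde\x42\x42\x99\x01"  # constructed static value

    def __init__(self, password: bytes, static_nonce: bool):
        self.password = password
        self.static_nonce = static_nonce
        self.issued = None  # the nonce valid for the next login attempt

    def get_nonce(self) -> bytes:
        self.issued = self.FIXED_NONCE if self.static_nonce else os.urandom(8)
        return self.issued

    def login(self, encoded: bytes) -> bool:
        if self.issued is None:
            return False
        ok = hmac.compare_digest(encoded, xor_encode(self.password, self.issued))
        self.issued = None  # each issued nonce is good for exactly one attempt
        return ok


def replay_succeeds(static_nonce: bool) -> bool:
    """Observe one legitimate login, then replay the captured encoded value."""
    srv = XorLoginServer(PASSWORD, static_nonce)
    seen_nonce = srv.get_nonce()  # nonce and encoded value both cross the wire in the clear
    seen_encoded = xor_encode(PASSWORD, seen_nonce)
    if not srv.login(seen_encoded):
        raise RuntimeError("legitimate login should succeed")
    srv.get_nonce()  # attacker starts a fresh attempt; same nonce only if it is static
    return srv.login(seen_encoded)


def recover_password(seen_encoded: bytes, seen_nonce: bytes) -> bytes:
    """XOR is its own inverse: the observer recovers the password whether or not the nonce was fresh."""
    return xor_encode(seen_encoded, seen_nonce)


class HmacChallengeServer:
    """Assumed hardened design: the client proves the password with HMAC over a
    fresh random nonce, so the wire carries neither the password nor a reusable value."""

    def __init__(self, password: bytes):
        self.password = password
        self.issued = None

    def get_nonce(self) -> bytes:
        self.issued = os.urandom(16)
        return self.issued

    def login(self, response: bytes) -> bool:
        if self.issued is None:
            return False
        expected = hmac.new(self.password, self.issued, hashlib.sha256).digest()
        self.issued = None
        return hmac.compare_digest(expected, response)


def hmac_replay_succeeds() -> bool:
    """Same capture-and-replay against the challenge-response server."""
    srv = HmacChallengeServer(PASSWORD)
    seen_nonce = srv.get_nonce()
    seen_response = hmac.new(PASSWORD, seen_nonce, hashlib.sha256).digest()
    if not srv.login(seen_response):
        raise RuntimeError("legitimate login should succeed")
    srv.get_nonce()
    return srv.login(seen_response)
```

The point a practitioner should take from the two XOR cases: rotating the nonce fixes the replay but not the disclosure, because XOR with a nonce the observer also saw is decryption, not protection. The HMAC variant still lets a capturing attacker guess passwords offline, so on a LAN management interface it belongs under TLS rather than in place of it.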
Source: Snyk
added 2026/05/28 4:50 p.m.

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the jwt.decode or jwt.decode_complete functions when used with a PyJWK key. An attacker can bypass algorithm restrictions and gain unauthorized access to protected resources by signing...

CVSS 5.4 · AI score 5.8 · EPSS 0.00014
Exploits 1 · References 2
Source: Github Security Blog
added 2026/05/06 5:05 p.m.

Auth0.js SDK has Improper Permission Checking

Description Under specific preconditions, the Auth0.js SDK may improperly return user profile information using a valid access token when a specifically crafted invalid ID token is provided. Am I Affected? Users are affected if they meet each of the following preconditions: - Applications built...

CVSS 7.1 · AI score 5.8 · EPSS 0.00032
Exploits 0 · References 2 · Affected Software 1
Source: Github Security Blog
added 2026/02/06 6:10 p.m.

Gogs user can update repository content with read-only permission

Vulnerability Description The endpoint PUT /repos/:owner/:repo/contents/ does not require write permissions and allows access with read permission only via repoAssignment. After passing the permission check, PutContents invokes UpdateRepoFile, which results in: Commit creation Execution of git pu...

CVSS 6.5 · AI score 5.8 · EPSS 0.00019
Exploits 0 · References 5 · Affected Software 1
Source: Tenable Nessus
added 2025/08/25 12:00 a.m.

Linux Distros Unpatched Vulnerability : CVE-2019-12300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a toke...

CVSS 9.8 · AI score 8.1 · EPSS 0.00471
Exploits 0 · References 2
Source: Tenable Nessus
added 2025/08/18 12:00 a.m.

Linux Distros Unpatched Vulnerability : CVE-2018-20340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to...

CVSS 6.8 · AI score 7.5 · EPSS 0.00172
Exploits 0 · References 2
Source: Github Security Blog
added 2025/07/18 5:27 p.m.

golang.org/x/oauth2 Improper Validation of Syntactic Correctness of Input vulnerability

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

CVSS 7.5 · AI score 7.9 · EPSS 0.00125
Exploits 0 · References 5 · Affected Software 1
Source: RedhatCVE
added 2025/05/23 1:57 a.m.

CVE-2023-47640

DataHub is an open-source metadata platform. The HMAC signature for DataHub Frontend sessions was being computed with a SHA-1 HMAC keyed with the frontend secret key. SHA-1 HMAC with a 10-byte key can be brute-forced given sufficient resources, i.e. state-level actors with large computational capabilities...

CVSS 8.8 · AI score 6.7 · EPSS 0.0005
Exploits 0 · References 1
Source: Positive Technologies
added 2025/05/09 12:00 a.m.

PT-2025-20599 · Unknown · Code-Server

Name of the Vulnerable Software and Affected Versions: code-server versions prior to 4.99.4 Description: The issue allows an attacker to gain access to the session token through a maliciously crafted URL using the proxy subpath. This can result in the attacker proxying to an arbitrary domain,...

CVSS 8.3 · AI score 6.6 · EPSS 0.00331
Exploits 0 · References 17
Source: Tenable Nessus
added 2025/04/14 12:00 a.m.

Amazon Linux 2023 : docker (ALAS2023-2025-934)

The remote Amazon Linux 2023 host is affected by multiple vulnerabilities as referenced in the ALAS2023-2025-934 advisory. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing (CVE-2025-22868). SSH servers which implement file transfer protocols are vulnerable ...

CVSS 7.5 · AI score 7.2 · EPSS 0.00607
Exploits 0 · References 6
Source: Vulnrichment
added 2023/08/10 1:55 p.m.

CVE-2023-39953 Issuer not verified from obtained token in user_oidc

user_oidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, missing verification of the issuer would have allowed an attacker to perform a man-in-the-middle attack returning a corrupted or known token they also...

CVSS 4.8 · AI score 6.7 · EPSS 0.00612
Exploits 0 · References 3
Source: Vulnrichment
added 2023/04/27 5:04 p.m.

CVE-2023-2158 Impersonation through User-Controlled Token

Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious actor is able to gain access to another user's account by crafting a custom "Remember Me" token. This is possible due to the use of a hard-coded cipher which was used when generating the token. A...

AI score 9.6 · EPSS 0.00408
Exploits 0 · References 1
Source: SUSE CVE
added 2023/02/15 3:45 a.m.

SUSE CVE-2021-22573

The vulnerability is that the IDToken verifier does not verify that the token is properly signed. Signature verification makes sure that the token's payload comes from the legitimate provider, not from someone else. An attacker can supply a forged token with a custom payload. The token will pass the validation ...

CVSS 7.3 · AI score 6.8 · EPSS 0.00055
Exploits 0 · References 4
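Three entries on this page are the same bug class seen from different angles: a verifier that lets the token pick its own algorithm (the PyJWK entry), one that never checks the signature (CVE-2021-22573), and one that checks the signature but not who issued the token (CVE-2023-39953). The code below is an added example written for this page, not code from PyJWT, google-oauth-client or user_oidc. It uses only the standard library, assumes an HS256 shared-key provider with a constructed key and issuer, and contrasts a decode-and-trust routine with a verifier that pins the algorithm, checks the HMAC, the issuer and the expiry in that order.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo material: the provider key and issuer are assumptions, not from any advisory.
IDP_KEY = b"constructed-idp-hs256-key"
IDP_ISSUER = "https://idp.example"
ALLOWED_ALGS = ("HS256",)  # what IDP_KEY is for; the token never gets to choose


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, key: bytes, alg: str = "HS256") -> str:
    """Build a compact JWS. alg="none" yields an unsigned token so the forgery can be shown."""
    header = _b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    if alg == "none":
        return f"{header}.{payload}."
    sig = hmac.new(key, f"{header}.{payload}".encode("ascii"), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"


def decode_unverified(token: str) -> dict:
    """The bug class in the entries above: read the payload and trust it."""
    return json.loads(_b64url_decode(token.split(".")[1]))


def verify_id_token(token: str, key: bytes, issuer: str, now: Optional[float] = None) -> dict:
    """Verify before trusting. Raises ValueError on any failure; returns the claims on success."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(_b64url_decode(header_b64))
    # 1. The verifier, not the token header, decides the algorithm ('none' and alg confusion both stop here).
    if header.get("alg") not in ALLOWED_ALGS:
        raise ValueError(f"alg not allowed: {header.get('alg')!r}")
    # 2. Check the signature with a constant-time compare before reading any claim.
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    # 3. The issuer must be the provider this flow was started with.
    if claims.get("iss") != issuer:
        raise ValueError("issuer mismatch")
    # 4. Reject expired tokens (and tokens with no expiry at all).
    now = time.time() if now is None else now
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise ValueError("token expired or missing exp")
    return claims


def is_accepted(token: str, key: bytes = IDP_KEY, issuer: str = IDP_ISSUER,
                now: Optional[float] = None) -> bool:
    try:
        verify_id_token(token, key, issuer, now)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    forged = mint_token({"iss": IDP_ISSUER, "sub": "admin", "exp": time.time() + 600}, b"", alg="none")
    print("unverified decode trusts:", decode_unverified(forged)["sub"])
    print("verifier accepts forged token:", is_accepted(forged))
```

The ordering matters: algorithm pinning comes first so that a key meant for one algorithm is never fed to another, the signature check comes before any claim is read, and the issuer check is what stops a man-in-the-middle from returning a token that was validly signed by a provider other than the one the login was started against.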
Source: CNNVD
added 2020/12/20 12:00 a.m.

Roehling Postsrsd Resource Management Error Vulnerability

Roehling PostSRSd is C-based software from the individual developer Roehling that provides Sender Rewriting Scheme (SRS) reverse-rewriting for mail servers. A security vulnerability in PostSRSd before 1.10, originating in srs2.c, allows remote attackers to cause a denial of service (CPU consumption) via a...

CVSS 7.5 · AI score 7.2 · EPSS 0.01457
Exploits 0 · References 10