12 matches found
CVE-2026-2428 Fluent Forms Pro Add On Pack <= 6.1.17 - Missing Authorization to Unauthenticated Payment Status modification
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN Instant Payment Notification verification being disabled by default disableipnverification defaults to...
EUVD-2025-34368
Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network...
EUVD-2024-16361
Malicious code in bioql PyPI...
CVE-2025-3576
A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...
CVE-2025-3576 Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions
A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...
CVE-2025-3576
CVE-2025-3576 affects MIT Kerberos (krb5) with RC4-HMAC-MD5, enabling message spoofing via MD5 collisions in GSSAPI-protected messages. Public advisories (Red Hat, Debian, Amazon Linux, AlmaLinux, etc.) indicate the vulnerability exists in krb5 and provide remediation guidance. Impact is limited ...
CVE-2024-0568
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of device configuration over NFC communication...
CVE-2024-0568
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of device configuration over NFC communication...
Authentication flaw
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of device configuration over NFC communication...
CVE-2024-0568
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of device configuration over NFC communication...
CVE-2024-0568
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of device configuration over NFC communication...
PT-2024-1607 · Unknown · Harmony Control Relay Rmnf22Tb30 +1
Name of the Vulnerable Software and Affected Versions: Harmony Control Relay RMNF22TB30 and Harmony Timer Relay RENF22R2MMW affected versions not specified Description: The issue is related to an Improper Authentication vulnerability that could cause unauthorized tampering of device configuration...