EUVD-2017-6670

Malware in sbrugna...

EUVD-2015-8216

Malware in sbrugna...

EUVD-2005-2949

Malware in sbrugna...

EUVD-2023-1969

Malicious code in bioql PyPI...

EUVD-2022-3246

Malicious code in bioql PyPI...

EUVD-2024-36615

Malicious code in bioql PyPI...

EUVD-2025-24035

Malicious code in bioql PyPI...

EUVD-2025-1577

Malicious code in bioql PyPI...

CVE-2025-6386 Timing Attack Vulnerability in parisneo/lollms

The parisneo/lollms repository is affected by a timing attack vulnerability in the authenticateuser function within the lollmsauthentication.py file. This vulnerability allows attackers to enumerate valid usernames and guess passwords incrementally by analyzing response time differences. The...

CVE-2021-38266

The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack 5 does not correctly import users from LDAP, which allows remote attackers to prevent a legitimate user from authenticating by attempting to sign ...

CVE-2024-54092

A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 All versions, Industrial Edge Device Kit - arm64 V1.18 All versions, Industrial Edge Device Kit - arm64 V1.19 All versions, Industrial Edge Device Kit - arm64 V1.20 All versions V1.20.2-1, Industrial Edge Device Kit -...

CVE-2025-1941

Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed distinct from CVE-2025-0245. This vulnerability was fixed in Firefox 136...

CVE-2022-38168

Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification...

iDEFENSE Security Advisory 02.04.04: GNU Radius Remote Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 02.04.04 GNU Radius Remote Denial of Service Vulnerability http://www.idefense.com/application/poi/display?id=71 February 4, 2004 I. BACKGROUND Radius is a server for remote user authentication and accounting. More informati...

CVE-2002-0241

NDSAuth.DLL in Cisco Secure Authentication Control Server ACS 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services NDS, which could allow those users to authenticate to the server...

CVE-2000-0627

BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as userupdatepasswd.pl and userupdateadmin.pl...

Blackboard Courseinfo v4.0 User Authentication

Apparently Courseinfo or at least the implementation I was playing with has no user authentication, meaning that anyone can force feed their own form values and Perl with merrily modify the database. So for instance running: all form input is in caps for readability...