17 matches found
CVE-2026-9733
CVE-2026-9733 affects Mojolicious::Plugin::Web::Auth::OAuth2 (Perl) versions up to 0.17. The insecure default state parameter arises from a SHA-1 based generator that uses epoch time (revealed via HTTP Date) and Perl rand, enabling CSRF session hijacking. A patch exists (Mojolicious-Plugin-Web-Au...
CVE-2026-36808
CVE-2026-36808 affects Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10. The issue is a buffer overflow in the webAuthUserInfo parameter of the formAddWebAuthUser function, leading to Denial of Service via a crafted HTTP request. Connected sources (Red Hat, NVD, CVE lists) confirm the sa...
CVE-2026-36823
Summary: CVE-2026-36823 affects Shenzhen Tenda Technology Co., Ltd. Tenda W20E, version v15.11.0.6. A buffer overflow in the webAuthUserInfo parameter of the function formAddWebAuthUser can cause a Denial of Service (DoS) via a crafted HTTP request. The published metrics indicate a CVSS v3.1 base...
CVE-2025-14572
The CVE-2025-14572 entry covers a memory-corruption vulnerability in UTT Progressive 512W devices (UTT 进取 512W) up to version 1.7.7-171114. The flaw resides in the /goform/formWebAuthGlobalConfig handler, where manipulating the hidcontact parameter can trigger memory corruption, enabling remote e...
UTT 512W Buffer Error Vulnerability
The UTT Progressive 512W is an enterprise-grade wireless router from Atech UTT designed for small and medium-sized businesses, SOHO, and similarly sized network environments, for access scenarios of 30 to 50 users. The UTT Progressive 512W suffers from a memory corruption vulnerability that originates...
MAL-2025-38967 Malicious code in web-auth-client (npm)
The package web-auth-client was found to contain malicious code...
Malicious code in web-auth-client (npm)
The package web-auth-client was found to contain malicious code...
MAL-2025-5971 Malicious code in vss-web-auth-client (npm)
Source: ghsa-malware 70dc7c0837db09d1f3b1d98483b9ce346b56d8ea5ae46ee6b2d974d8be75ea26. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Username Enumeration
web-auth/webauthn-framework and web-auth/webauthn-lib are vulnerable to Username Enumeration. The vulnerability is due to the ProfileBasedRequestOptionsBuilder method returning allowedCredentials without any credentials if no username was found. This allows an attacker to enumerate valid username...
CVE-2024-39912 Enumeration of valid usernames in web-auth/webauthn-lib
web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found...
CVE-2024-39912
CVE-2024-39912 affects web-auth/webauthn-lib (PHP/Symfony) where ProfileBasedRequestOptionsBuilder returns allowedCredentials without credentials if no username is found, enabling username enumeration when WebAuthn is used as the first/only authentication method. Documented impact is enumeration ...
SUSE CVE-2020-6823
A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox 75...
Malicious Package
Overview: ldtzstxwzpntxqn is a malicious package. A copy-paste of the legitimate package npmi, used by the malicious package gxm-reference-web-auth-server and maintained by the same malicious actor. See gxm-reference-web-auth-server advisory for more information:...
Malicious Package
Overview: lznfjbhurpjsqmr is a malicious package. A copy-paste of the legitimate package global-npm, used by the malicious package gxm-reference-web-auth-server and maintained by the same malicious actor. See gxm-reference-web-auth-server advisory for more information:...
CVE-2020-6823
A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox 75...
KLA10104 CI vulnerability in Cisco NAC Appliance
XSS vulnerabilities were found in the Cisco NAC Appliance. By exploiting this vulnerability, malicious users can inject arbitrary web scripts. This vulnerability can be exploited from the network at a point related to web-auth.
CVE-2012-5991
CVE-2012-5991 affects Cisco Wireless LAN Controller 7.2.110.0. The issue arises from insufficient validation of user-supplied input to the WLC web interface (web_auth_custom.html), enabling remote authenticated users to cause a denial of service (device reload) via a crafted buttonClicked value i...