Vulnerabilities (CVE)

Filtered by CWE-287
Total 3899 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3
CVE-2025-59934 | Updated: 2025-09-29 | CVSS v2: N/A | CVSS v3: 9.4 CRITICAL
Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs (jwt.decode) without verifying their signatures. Both the email verification token login path and the password reset server action use the same validator, which does not check the token’s signature, expiration, issuer, or audience. If an attacker learns the victim’s actual user.id, they can craft an arbitrary JWT with an alg: "none" header and use it to authenticate and reset the victim’s password. This issue has been patched in version 4.0.1.
CVE-2025-56752 | Vendors: 1 (Ruijie) | Products: 40 (Rg-es205gc, Rg-es205gc-p, Rg-es205gc-p Firmware and 37 more) | Updated: 2025-09-29 | CVSS v2: N/A | CVSS v3: 9.4 CRITICAL
A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote attackers to fully bypass authentication mechanisms, providing them with unrestricted access to alter administrative settings and potentially seize control of affected devices via a crafted HTTP POST request to /user.cgi.
CVE-2024-27275 | Vendors: 1 (Ibm) | Products: 1 (I) | Updated: 2025-09-29 | CVSS v2: N/A | CVSS v3: 7.4 HIGH
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support.
CVE-2025-58443 | Vendors: 1 (Fogproject) | Products: 1 (Fogproject) | Updated: 2025-09-29 | CVSS v2: N/A | CVSS v3: 9.1 CRITICAL
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1673 and below contain an authentication bypass vulnerability. It is possible for an attacker to perform an unauthenticated DB dump where they could pull a full SQL DB without credentials. A fix is expected to be released 9/15/2025. To address this vulnerability immediately, upgrade to the latest version of either the dev-branch or working-1.6 branch. This will patch the issue for users concerned about immediate exposure. See the FOG Project documentation for step-by-step upgrade instructions: https://docs.fogproject.org/en/latest/install-fog-server#choosing-a-fog-version.
CVE-2024-9133 | Vendors: 1 (Arista) | Products: 1 (Ng Firewall) | Updated: 2025-09-29 | CVSS v2: N/A | CVSS v3: 6.6 MEDIUM
A user with administrator privileges is able to retrieve authentication tokens
CVE-2024-36266 | Vendors: 1 (Siemens) | Products: 1 (Powersys) | Updated: 2025-09-26 | CVSS v2: N/A | CVSS v3: 9.3 CRITICAL
A vulnerability has been identified in PowerSys (All versions < V3.11). The affected application insufficiently protects responses to authentication requests. This could allow a local attacker to bypass authentication, thereby gaining administrative privileges for the managed remote devices.
CVE-2024-37313 | Vendors: 1 (Nextcloud) | Products: 1 (Nextcloud Server) | Updated: 2025-09-26 | CVSS v2: N/A | CVSS v3: 7.3 HIGH
Nextcloud Server is a self-hosted personal cloud system. Under some circumstances it was possible to bypass the second factor of 2FA after successfully providing the user credentials. It is recommended that Nextcloud Server is upgraded to 26.0.13, 27.1.8 or 28.0.4 and Nextcloud Enterprise Server is upgraded to 21.0.9.17, 22.2.10.22, 23.0.12.17, 24.0.12.13, 25.0.13.8, 26.0.13, 27.1.8 or 28.0.4.
CVE-2025-20160 | Updated: 2025-09-26 | CVSS v2: N/A | CVSS v3: 8.1 HIGH
A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required TACACS+ shared secret is configured. A machine-in-the-middle attacker could exploit this vulnerability by intercepting and reading unencrypted TACACS+ messages or impersonating the TACACS+ server and falsely accepting arbitrary authentication requests. A successful exploit could allow the attacker to view sensitive information in a TACACS+ message or bypass authentication and gain access to the affected device.
CVE-2025-51451 | Vendors: 1 (Totolink) | Products: 2 (Ex1200t, Ex1200t Firmware) | Updated: 2025-09-26 | CVSS v2: N/A | CVSS v3: 9.8 CRITICAL
In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm.
CVE-2024-45051 | Vendors: 1 (Discourse) | Products: 1 (Discourse) | Updated: 2025-09-25 | CVSS v2: N/A | CVSS v3: 8.2 HIGH
Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories and/or groups. This issue has been patched in the latest stable, beta and tests-passed versions of Discourse. All users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2025-54761 | Vendors: 1 (Yandaozi) | Products: 1 (Ppress) | Updated: 2025-09-25 | CVSS v2: N/A | CVSS v3: 8.0 HIGH
An issue was discovered in PPress 0.0.9 allowing attackers to gain escalated privileges via a crafted session cookie.
CVE-2025-34186 | Vendors: 1 (Ilevia) | Products: 2 (Eve X1 Server, Eve X1 Server Firmware) | Updated: 2025-09-25 | CVSS v2: N/A | CVSS v3: 9.8 CRITICAL
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system() call for authentication, allowing attackers to inject special characters and manipulate command parsing. Due to the binary's interpretation of non-zero exit codes as successful authentication, remote attackers can bypass authentication and gain full access to the system.
CVE-2024-13088 | Vendors: 1 (Qnap) | Products: 1 (Qurouter) | Updated: 2025-09-24 | CVSS v2: N/A | CVSS v3: 7.8 HIGH
An improper authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: QuRouter 2.5.0.140 and later
CVE-2025-55241 | Vendors: 1 (Microsoft) | Products: 1 (Entra Id) | Updated: 2025-09-24 | CVSS v2: N/A | CVSS v3: 10.0 CRITICAL
Azure Entra ID Elevation of Privilege Vulnerability
CVE-2025-10906 | Updated: 2025-09-24 | CVSS v2: 7.2 HIGH | CVSS v3: 8.4 HIGH
A flaw has been found in Magnetism Studios Endurance up to 3.3.0 on macOS. This affects the function loadModuleNamed:WithReply of the file /Applications/Endurance.app/Contents/Library/LaunchServices/com.MagnetismStudios.endurance.helper of the component NSXPC Interface. Executing manipulation can lead to missing authentication. The attack needs to be launched locally. The exploit has been published and may be used.
CVE-2025-54376 | Vendors: 1 (Hoverfly) | Products: 1 (Hoverfly) | Updated: 2025-09-24 | CVSS v2: N/A | CVSS v3: 7.5 HIGH
Hoverfly is an open source API simulation tool. In versions 1.11.3 and prior, Hoverfly’s admin WebSocket endpoint /api/v2/ws/logs is not protected by the same authentication middleware that guards the REST admin API. Consequently, an unauthenticated remote attacker can stream real-time application logs (information disclosure) and/or gain insight into internal file paths, request/response bodies, and other potentially sensitive data emitted in logs. Version 1.12.0 contains a fix for the issue.
CVE-2025-58065 | Vendors: 1 (Dpgaspar) | Products: 1 (Flask-appbuilder) | Updated: 2025-09-24 | CVSS v2: N/A | CVSS v3: 6.5 MEDIUM
Flask-AppBuilder is an application development framework. Prior to version 4.8.1, when Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface. This allows an enabled user to reset their password and be able to create JWT tokens even after the user is disabled on the authentication provider. Users should upgrade to Flask-AppBuilder version 4.8.1 or later to receive a fix. If immediate upgrade is not possible, manually disable password reset routes in the application configuration; implement additional access controls at the web server or proxy level to block access to the reset my password URL; and/or monitor for suspicious password reset attempts from disabled accounts.
CVE-2024-48859 | Vendors: 1 (Qnap) | Products: 2 (Qts, Quts Hero) | Updated: 2025-09-23 | CVSS v2: N/A | CVSS v3: 9.1 CRITICAL
An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later; QTS 5.2.2.2950 build 20241114 and later; QuTS hero h5.1.9.2954 build 20241120 and later; QuTS hero h5.2.2.2952 build 20241116 and later.
CVE-2025-10772 | Updated: 2025-09-22 | CVSS v2: 5.8 MEDIUM | CVSS v3: 6.3 MEDIUM
A vulnerability was identified in huggingface LeRobot up to 0.3.3. Affected by this vulnerability is an unknown functionality of the file lerobot/common/robot_devices/robots/lekiwi_remote.py of the component ZeroMQ Socket Handler. The manipulation leads to missing authentication. The attack can only be initiated within the local network. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-10672 | Updated: 2025-09-19 | CVSS v2: 6.8 MEDIUM | CVSS v3: 7.8 HIGH
A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affected element is an unknown function of the file AIBatteryHelper/XPC/BatteryXPCService.swift of the component com.collweb.AIBatteryHelper. The manipulation results in missing authentication. The attack requires a local approach. The exploit has been made public and could be used.