CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

114 matches found

NVD•added 2026/05/16 4:16 p.m.•9 views

CVE-2020-37228

iDS6 DSSPro Digital Signage System 6.2 contains a CAPTCHA security bypass vulnerability that allows attackers to bypass authentication by requesting the autoLoginVerifyCode object. Attackers can retrieve valid CAPTCHA codes via the login endpoint and use them to perform brute-force attacks agains...

9.8CVSS0.00095EPSS

Exploits1References4

Positive Technologies•added 2026/04/21 12:0 a.m.•1 views

PT-2026-33928

This vulnerability exists in Quantum Networks router due to lack of enforcement of strong password policies in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing password guessing or brute-force attacks against user accounts, leading...

7.6CVSS5.8AI score0.00025EPSS

Exploits0References2

NVD•added 2026/03/17 6:16 p.m.•1 views

CVE-2026-32295

JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess credentials...

9.3CVSS0.00047EPSS

Exploits0References4

OSV•added 2026/03/17 6:16 p.m.•1 views

CVE-2026-32295

JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess credentials...

9.3CVSS6.1AI score0.00047EPSS

Exploits0References4

ATTACKERKB•added 2026/03/17 5:19 p.m.•2 views

CVE-2026-32295

JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess credentials...

9.3CVSS5.8AI score0.00047EPSS

Exploits0References5

ICS•added 2026/03/17 5:2 p.m.•2 views

Multiple IP-KVM Vulnerabilities

RISK EVALUATION Multiple KVM products GL-iNet GL-RM1, Angeet ES3 KVM, Sipeed NanoKVM, and JetKVM are affected by multiple vulnerabilities. The most severe of these vulnerabilities could allow a remote, unauthenticated attacker to take complete control of a vulnerable product. 2. RECOMMENDED...

7CVSS6.2AI score0.00008EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:49 a.m.•3 views

CVE-2020-24007

Umanni RH 1.0 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a brute-force authentication attack against the Login page...

9.8CVSS7.2AI score0.01847EPSS

Exploits1References1

CVE•added 2025/12/16 12:0 a.m.•14 views

CVE-2025-65427

The CVE-2025-65427 affects the Dbit N300 T1 Pro Easy Setup Wireless Wi‑Fi Router (firmware V1.0.0). The root cause is lack of rate limiting on the /api/login endpoint, enabling brute-force password enumeration. Documented impact: password guessing attempts are possible with network access; remedi...

6.5CVSS6.7AI score0.00057EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2025/10/30 12:0 a.m.•4 views

CVE-2025-61120

AG Life Logger Android App version v1.0.2.72 and before package name com.donki.healthy, developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force...

6.7AI score0.00048EPSS

Exploits0References1

EUVD•added 2025/10/27 3:30 p.m.•1 views

EUVD-2025-36181

Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks...

6.5AI score0.00042EPSS

Exploits0References3

NVD•added 2025/10/27 3:15 p.m.•2 views

CVE-2025-26862

Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks...

0.00042EPSS

Exploits0References2

CVE•added 2025/10/27 2:39 p.m.•7 views

CVE-2025-26862

CVE-2025-26862 affects Ping Identity PingFederate’s HTML Form Adapter when operating in non-default redirectless mode, where it can render authentication forms unexpectedly. This behavior may enable brute-force login attempts. The issue is described consistently across multiple sources (NVD, Red ...

6.6AI score0.00042EPSS

Exploits0References2

Cvelist•added 2025/10/27 2:39 p.m.•3 views

CVE-2025-26862 PingFederate unexpected browser flow initiation in redirectless mode

Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks...

0.00042EPSS

Exploits0References2

CNNVD•added 2025/10/27 12:0 a.m.•1 views

Ping Identity PingFederate 安全漏洞

Ping Identity PingFederate is a flagship software-based federation server from US-based Ping Identity, Inc. for identity management. A security vulnerability exists in Ping Identity PingFederate that stems from the HTML Form Adapter accidentally rendering authentication forms in a non-default no...

6.7AI score0.00042EPSS

Exploits0References3

Positive Technologies•added 2025/10/27 12:0 a.m.•1 views

PT-2025-43964

Name of the Vulnerable Software and Affected Versions PingFederate affected versions not specified Description A configuration issue in PingFederate’s HTML Form Adapter, specifically when operating in non-default redirectless mode, can lead to unexpected authentication form rendering. This allows...

6.5AI score0.00042EPSS

Exploits0References4

CNNVD•added 2025/10/17 12:0 a.m.•3 views

SigningHub 安全漏洞

SigningHub is an electronic signature platform from SigningHub UK. A security vulnerability exists in SigningHub version 8.6.8, which stems from a lack of rate limiting in the login mechanism and could lead to a brute force attack to bypass authentication...

9.8CVSS6.6AI score0.00067EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-11237

Malware in sbrugna...

9.8CVSS9.5AI score0.00398EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-13000

Malware in sbrugna...

8.6CVSS8.7AI score0.01497EPSS

Exploits0References5