Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/01/23 12:26 p.m.6 views

CVE-2025-4320 Information Disclosure in Birebirsoft's Sufirmam

Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass, Password Recovery Exploitation.This issue affects Sufirmam: through 23012026. NOTE: The vendor w...

10CVSS5.4AI score0.0046EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 12:26 p.m.29 views

CVE-2025-4320

CVE-2025-4320 concerns an authentication bypass caused by a weak password recovery mechanism in Sufirmam, a product of Birebirsoft Software and Technology Solutions. The issue allows bypass of authentication and potential password-recovery exploitation, affecting Sufirmam through version 23012026...

10CVSS5.4AI score0.0046EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/23 12:23 p.m.30 views

CVE-2025-4319 Improper Access Control in Birebirsoft's Sufirmam

Improper Restriction of Excessive Authentication Attempts, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Brute Force, Password Recovery Exploitation. This issue affects Sufirmam: through 23012026. NOTE: The...

9.4CVSS0.00369EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 8:33 a.m.5 views

CVE-2024-39597

In SAP Commerce, a user can misuse the forgotten password functionality to gain access to a Composable Storefront B2B site for which early login and registration is activated, without requiring the merchant to approve the account beforehand. If the site is not configured as isolated site, this ca...

7.2CVSS7.2AI score0.00282EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/24 12:30 a.m.5 views

EUVD-2025-35742

A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted project by answering just one recovery question...

7.3CVSS6.5AI score0.0013EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-23039

Malware in sbrugna...

5.3CVSS5.6AI score0.00523EPSS
Exploits1References2
OSV
OSV
added 2021/06/11 4:15 p.m.3 views

CVE-2021-22763

A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 see security notification for version infromation that could allow an attacker administrator level access to a device...

9.8CVSS5.8AI score0.01843EPSS
Exploits0References2
Rows per page
Query Builder