Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

NVD
NVDadded 2021/01/27 4:15 p.m.13 views

CVE-2020-23355

PRODUCT NOT SUPPORTED WHEN ASSIGNED Codiad 2.8.4 /componetns/user/class.user.php:Authenticate is vulnerable in magic hash authentication bypass. If encrypted or hash value for the passwords form certain formats of magic hash, e.g, 0e123, another hash value 0e234 something can successfully...

7.5CVSS7.7AI score0.00985EPSS
Exploits0References1
CVE
CVEadded 2021/01/27 3:26 p.m.53 views

CVE-2020-23355

CVE-2020-23355 affects Codiad 2.8.4, where in the file /componetns/user/class.user.php the Authenticate() function is vulnerable to a magic hash authentication bypass. Encrypted or hashed passwords that take certain formats (e.g., 0e123 or 0e234) can bypass authentication. Multiple connected advi...

7.5CVSS7.7AI score0.00985EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2018/04/24 6:25 a.m.11 views

USN-3632-1 linux-azure vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...

7.8CVSS6.9AI score0.07679EPSS
Exploits10References16
The Hacker News
The Hacker Newsadded 2017/05/16 10:24 p.m.23 views

Beware! Hackers Can Steal Your Windows Password Remotely Using Chrome

A security researcher has discovered a serious vulnerability in the default configuration of the latest version of Google's Chrome running on any version of Microsoft's Windows operating system, including Windows 10, that could allow remote hackers to steal user's login credentials. Researcher...

7.3AI score
Exploits0
NVD
NVDadded 2017/05/06 12:29 a.m.26 views

CVE-2017-7927

A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3,...

7.5CVSS8AI score0.36747EPSS
Exploits0References3
Metasploit
Metasploitadded 2010/09/20 8:6 a.m.56 views

SMB File Upload Utility

This module uploads a file to a target share and path. The only reason to use this module is if your existing SMB client is not able to support the features of the Metasploit Framework that you need, like pass-the-hash authentication. This module requires Metasploit: https://metasploit.com/downlo...

7.2AI score
Exploits0
Cvelist
Cvelistadded 2005/02/16 5:0 a.m.23 views

CVE-2005-0408

CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the idhash cookie, which allows remote attackers to bypass authentication and gain privileges by calculating the MD5 checksum of the user name combined with the "boogaadeeboo" string, which is hard-coded in th...

9.9AI score0.04866EPSS
Exploits1References2
Rows per page
Query Builder