Lucene search
+L

204 matches found

cnnvd
cnnvd
added 2023/03/21 12:0 a.m.3 views

MEGAFEIS DBD+ 授权问题漏洞

MEGAFEIS DBD+ is a smart fingerprint Bluetooth padlock from MEGAFEIS. A security vulnerability exists in MEGAFEIS DBD+ version 1.4.4 that stems from the presence of an insecure password reset...

9.8CVSS8.3AI score0.00771EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2023/03/21 12:0 a.m.7 views

CVE-2022-45637

An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 service via insecure expiry mechanism...

9.4AI score0.00771EPSS
Exploits1References1
cvelist
cvelist
added 2023/03/21 12:0 a.m.30 views

CVE-2022-45635

An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to gain access to sensitive account information via insecure password policy...

7.8AI score0.00783EPSS
Exploits2References1
veracode
veracode
added 2022/12/08 4:15 a.m.23 views

Information Disclosure

passeo is vulnerable to information disclosure. The vulnerability exists due to the use of insecure random password generation library used in the generate function of init.py, allowing an attacker to guess the password...

7.5CVSS7AI score0.00791EPSS
Exploits0References4Affected Software1
malwarebytes
malwarebytes
added 2022/07/12 1:20 p.m.62 views

Insecure password leads to Mangatoon data breach

The hugely popular Manga comics platform Mangatoon has fallen victim to a data breach. No fewer than 23 million user accounts could be at risk, thanks to a poorly secured database. Worse still, Mangatoon doesnt seem to be responding to messages from the breacher, or people notifying it that the...

7.3AI score
Exploits0
nvd
nvd
added 2022/03/04 7:15 p.m.22 views

CVE-2021-27757

" Insecure password storage issue.The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information."...

7.5CVSS0.00573EPSS
Exploits0References1
packetstorm
packetstorm
added 2022/01/03 12:0 a.m.239 views

Backdoor.Win32.Fantador Insecure Password Storage

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a1d045151c809535a308311931588fd0B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Fantador Vulnerability: Insecure Password Storage Description: The malware has an FT...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2021/12/28 12:0 a.m.328 views

Backdoor.Win32.Visiotrol.10 Insecure Password Storage

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f9dc0a462ada737f36efafac56f22b97.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Visiotrol.10 Vulnerability: Insecure Password Storage Description: The malware listen...

7.4AI score
Exploits0
osv
osv
added 2021/08/23 5:15 a.m.5 views

CVE-2021-39289

Certain NetModule devices have Insecure Password Handling cleartext or reversible encryption, These models with firmware before 4.3.0.113, 4.4.0.111, and 4.5.0.105 are affected: NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, and NB38...

7.5CVSS5.8AI score0.01078EPSS
Exploits3References2
nvd
nvd
added 2021/08/23 5:15 a.m.31 views

CVE-2021-39289

Certain NetModule devices have Insecure Password Handling cleartext or reversible encryption, These models with firmware before 4.3.0.113, 4.4.0.111, and 4.5.0.105 are affected: NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, and NB38...

7.5CVSS0.01078EPSS
Exploits3References2
prion
prion
added 2021/08/23 5:15 a.m.20 views

Design/Logic Flaw

Certain NetModule devices have Insecure Password Handling cleartext or reversible encryption, These models with firmware before 4.3.0.113, 4.4.0.111, and 4.5.0.105 are affected: NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, and NB38...

5CVSS7.7AI score0.01078EPSS
Exploits3References2Affected Software1
cve
cve
added 2021/08/23 4:33 a.m.102 views

CVE-2021-39289

CVE-2021-39289 affects NetModule Router Software (NRSW) and various NetModule NB devices where passwords are stored in cleartext or with reversible encryption. Affected devices include NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, a...

7.5CVSS8.1AI score0.01078EPSS
Exploits3References2Affected Software1
cvelist
cvelist
added 2021/08/23 4:33 a.m.40 views

CVE-2021-39289

Certain NetModule devices have Insecure Password Handling cleartext or reversible encryption, These models with firmware before 4.3.0.113, 4.4.0.111, and 4.5.0.105 are affected: NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, and NB38...

7.8AI score0.01078EPSS
Exploits3References2
zdt
zdt
added 2021/08/21 12:0 a.m.191 views

NetModule Router Software Password Handling / Session Fixation Vulnerability

NetModule Router Software versions prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 suffer from insecure password handling and session fixation vulnerabilities. ======================================================================= title: Multiple Vulnerabilities in NetModule Router Software product...

9.8CVSS0.4AI score0.01529EPSS
Exploits5
packetstorm
packetstorm
added 2021/08/20 12:0 a.m.305 views

NetModule Router Software Password Handling / Session Fixation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities in NetModule Router Software product: NetModule Router Software NRSW vulnerable version: Before 4.3.0.113, 4.4.0.111, 4.5.0.105 fixed version:...

8.2AI score0.01529EPSS
Exploits5
osv
osv
added 2021/08/11 9:15 p.m.8 views

CVE-2017-16631

In SapphireIMS 40971, a guest user is able to change the password of an administrative user by utilizing an Insecure Direct Object Reference IDOR in the "Account Password Reset" functionality...

6.5CVSS5.8AI score0.00648EPSS
Exploits0References2
gentoo
gentoo
added 2021/07/08 12:0 a.m.33 views

rclone: Weak random number generation

Background rclone is a problem to sync files to and from various cloud storage providers. Description Passwords generated with rclone were insecurely generated and are vulnerable to brute force attacks. Impact Data kept secret with a password generated by rclone may be disclosed to a local...

7.5CVSS1.9AI score0.01336EPSS
Exploits1
ncsc
ncsc
added 2021/03/31 12:0 a.m.6 views

Vulnerabilities fixed in Zabbix

SUSE has fixed vulnerabilities in its Zabbix packages. The vulnerabilities relate to an incorrectly implemented mechanism that protects against cross-site request forgery CSRF attacks and on insecure password hashing. -= SUSE =- SUSE has made updates available to fix the vulnerability fix in SUSE...

8.8CVSS7.2AI score0.01472EPSS
Exploits0
osv
osv
added 2021/02/09 5:15 p.m.6 views

CVE-2020-10048

A vulnerability has been identified in SIMATIC PCS 7 All versions, SIMATIC WinCC All versions V7.5 SP2. Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing...

5.5CVSS5.7AI score0.00336EPSS
Exploits0References1
nvd
nvd
added 2021/02/09 5:15 p.m.52 views

CVE-2020-10048

A vulnerability has been identified in SIMATIC PCS 7 All versions, SIMATIC WinCC All versions V7.5 SP2. Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing...

5.5CVSS0.00336EPSS
Exploits0References1
Rows per page
Query Builder