4 matches found
CVE-2026-31282
Totara LMS v19.1.5 and before is vulnerable to Incorrect Access Control. The login page code can be manipulated to reveal the login form. An attacker can chain that with missing rate-limit on the login form to launch a brute force attack. NOTE: this is disputed by the Supplier because 1 local log...
CVE-2026-31282
Totara LMS v19.1.5 and before is vulnerable to Incorrect Access Control. The login page code can be manipulated to reveal the login form. An attacker can chain that with missing rate-limit on the login form to launch a brute force attack. NOTE: this is disputed by the Supplier because 1 local log...
PT-2026-32359
Name of the Vulnerable Software and Affected Versions Totara LMS versions prior to 19.1.6 Description Incorrect Access Control allows the login page code to be manipulated to reveal the login form. This can be combined with a missing rate-limit on the login form to facilitate a brute force attack...
PT-2024-19414 · Dell · Dell Recoverpoint For Virtual Machines
Name of the Vulnerable Software and Affected Versions: Dell RecoverPoint for Virtual Machines versions 5.3.x through 6.0.SP1 Description: The issue allows an unauthenticated remote attacker to launch a brute force attack or a dictionary attack against the RecoverPoint login form, enabling them to...