
365 matches found

CVE
added 2025/06/12 2:19 p.m. · 45 views

CVE-2025-49195

CVE-2025-49195 describes a vulnerability where an FTP server login mechanism does not limit authentication attempts, enabling brute-force password guessing. Connected sources associate this issue with SICK Field Analytics and SICK Media Server products. The CVE is tracked in NVD/Red Hat/CVE recor...

9.8 CVSS · 7.3 AI score · 0.00453 EPSS
Exploits: 0 · References: 6 · Affected Software: 1
RedhatCVE
added 2025/05/23 8:31 a.m. · 11 views

CVE-2024-5684

An attacker with access to the private network the charger is connected to or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would...

8.8 CVSS · 7.3 AI score · 0.00188 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 7:12 a.m. · 9 views

CVE-2024-35143

IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the database. IBM...

9.1 CVSS · 6.8 AI score · 0.0043 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 5:10 p.m. · 32 views

CVE-2020-35208

An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authentica...

5.7 CVSS · 7.3 AI score · 0.00474 EPSS
Exploits: 1
RedhatCVE
added 2025/05/22 5:10 p.m. · 9 views

CVE-2020-35221

The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was found to be insecure, allowing attackers with access to a network capture to quickly generate multiple collisions to generate valid passwords, or infer some parts of the original...

8.8 CVSS · 7.4 AI score · 0.0047 EPSS
Exploits: 0
RedhatCVE
added 2025/05/22 3:46 p.m. · 7 views

CVE-2020-23036

MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability in the session handling of the password authentication parameter of the wifi photo transfer module. This vulnerability allows attackers with network access privileges or on public wifi networks to re...

5.9 CVSS · 7.5 AI score · 0.01089 EPSS
Exploits: 1
RedhatCVE
added 2025/05/22 4:43 a.m. · 6 views

CVE-2019-17216

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. Password authentication uses MD5 to hash passwords. Cracking is possible with minimal effort...

9.8 CVSS · 7.2 AI score · 0.00749 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 3:46 a.m. · 10 views

CVE-2012-5975

The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session...

9.3 CVSS · 7.3 AI score · 0.35874 EPSS
Exploits: 2 · References: 1
RedhatCVE
added 2025/05/22 2:49 a.m. · 12 views

CVE-2013-5163

Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update allows local users to bypass password-based authentication and modify arbitrary Directory Services records via unspecified vectors...

6.6 CVSS · 6.7 AI score · 0.00375 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/21 10:13 p.m. · 6 views

CVE-2005-4767

BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 SP6 and earlier, when using username/password authentication, does not lock out a username after the maximum number of invalid login attempts, which makes it easier for remote attackers to guess the password...

5.1 CVSS · 7 AI score · 0.01401 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/14 4:30 p.m. · 15 views

CVE-2025-46750

SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set...

4.4 CVSS · 7.2 AI score · 0.0015 EPSS
Exploits: 0 · References: 1
RedHat Linux
added 2025/05/13 5:18 p.m. · 6 views

redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit)...

7.5 CVSS · 7.4 AI score · 0.00824 EPSS
Exploits: 0 · References: 6
RedHat Linux
added 2025/05/13 2:2 p.m. · 5 views

redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit)...

7.5 CVSS · 7.4 AI score · 0.00824 EPSS
Exploits: 0 · References: 6
NVD
added 2025/05/12 5:15 p.m. · 12 views

CVE-2025-46750

SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set...

4.4 CVSS · 0.0015 EPSS
Exploits: 0 · References: 1
RedHat Linux
added 2025/05/12 1:31 a.m. · 3 views

redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit)...

7.5 CVSS · 7.4 AI score · 0.00824 EPSS
Exploits: 0 · References: 6
Positive Technologies
added 2025/05/12 12:0 a.m. · 5 views

PT-2025-20722 · Sel Bios · Sel Bios

Name of the Vulnerable Software and Affected Versions: SEL BIOS packages versions prior to 1.3.49152.117; SEL BIOS packages versions prior to 2.6.49152.98. Description: A local attacker can bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file...

4.4 CVSS · 6.6 AI score · 0.0015 EPSS
Exploits: 0 · References: 6
OpenVAS
added 2025/05/07 12:0 a.m. · 2 views

Configure a Proper SSH Service Authentication Mode

A proper authentication mode helps ensure user and system data security. Typically, the user/password authentication mode is suitable for human-machine users. In non-interactive login scenarios, the public and private keys are suitable for authentication. In high-risk scenarios, only the public a...

7.3 AI score
Exploits: 0 · References: 3
OpenVAS
added 2025/05/07 12:0 a.m. · 2 views

Configure a Proper SSH Service Authentication Mode

A proper authentication mode helps ensure user and system data security. Typically, the user/password authentication mode is suitable for human-machine users. In non-interactive login scenarios, the public and private keys are suitable for authentication. In high-risk scenarios, only the public a...

7.3 AI score
Exploits: 0 · References: 1
RedHat Linux
added 2025/05/06 3:35 p.m. · 5 views

redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit)...

7.5 CVSS · 7.4 AI score · 0.00824 EPSS
Exploits: 0 · References: 6
FreeBSD
added 2025/04/23 12:0 a.m. · 10 views

redis,valkey -- DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Axel Mierczuk reports: By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit). Therefore, the output buffer can grow unlimitedly over time. As a result, the service is exhausted and the memory is unavailable. When password...

7.5 CVSS · 7.5 AI score · 0.00824 EPSS
Exploits: 0 · References: 1