Lucene search
K

368 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.7 views

CVE-2023-49106

Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux Device Manager Agent component.This issue affects Hitachi Device Manager: before 8.8.5-04...

7.5CVSS7AI score0.00444EPSS
Exploits0References1
NVD
NVD
added 2026/01/06 5:15 a.m.12 views

CVE-2025-14996

The AS Password Field In Default Registration Form plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it...

9.8CVSS0.00317EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/06 4:31 a.m.2 views

CVE-2025-14996 AS Password Field In Default Registration Form <= 2.0.0 - Unauthenticated Privilege Escalation via Account Takeover

The AS Password Field In Default Registration Form plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it...

9.8CVSS6.4AI score0.00317EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/06 4:31 a.m.27 views

CVE-2025-14996 AS Password Field In Default Registration Form <= 2.0.0 - Unauthenticated Privilege Escalation via Account Takeover

The AS Password Field In Default Registration Form plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it...

9.8CVSS0.00317EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.7 views

WordPress plugin AS Password Field In Default Registration Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS6.5AI score0.00317EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/23 12:30 a.m.5 views

EUVD-2022-55751

Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration...

6.9CVSS6.5AI score0.00177EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/23 12:30 a.m.7 views

EUVD-2022-55749

Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash...

6.9CVSS6.5AI score0.00185EPSS
Exploits1References4
OSV
OSV
added 2025/12/22 10:15 p.m.3 views

CVE-2022-50687

Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash...

5.5CVSS6AI score0.00185EPSS
Exploits1References3
CVE
CVE
added 2025/12/22 9:35 p.m.12 views

CVE-2022-50689

CVE-2022-50689 affects Cobian Reflector 0.9.93 RC1. A denial-of-service can be triggered by overflowing the password input field during SFTP task configuration, e.g., pasting an ~8000-byte buffer into the password field, causing the application to crash. Multiple connected sources (NVD/NVD-derive...

6.9CVSS6.7AI score0.00177EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/22 9:35 p.m.2 views

CVE-2022-50689 Cobian Reflector 0.9.93 RC1 Local Denial of Service via Password Field

Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration...

6.9CVSS6.7AI score0.00177EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/22 9:35 p.m.23 views

CVE-2022-50689 Cobian Reflector 0.9.93 RC1 Local Denial of Service via Password Field

Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration...

6.9CVSS0.00177EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/22 9:35 p.m.25 views

CVE-2022-50687 Cobian Backup 11 Gravity 11.2.0.582 Local Denial of Service via Password Field

Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash...

6.9CVSS0.00185EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/22 9:35 p.m.2 views

CVE-2022-50687 Cobian Backup 11 Gravity 11.2.0.582 Local Denial of Service via Password Field

Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash...

6.9CVSS6.6AI score0.00185EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/22 12:0 a.m.3 views

Cobian Backup Gravity 安全漏洞

Cobian Backup Gravity is a file backup software by Luis Cobian Personal Developer. A security vulnerability exists in Cobian Backup Gravity version 11.2.0.582, which stems from an FTP password input field that could lead to a denial of service attack...

6.9CVSS6.7AI score0.00185EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/22 12:0 a.m.4 views

Cobian Reflector 安全漏洞

Cobian Reflector is a file backup software by Luis Cobian Personal Developer. A security vulnerability exists in Cobian Reflector version 0.9.93 RC1, which stems from a password input field overflow that could lead to a denial of service attack...

6.9CVSS6.9AI score0.00177EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.3 views

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems from the U.S.-based Apple Inc. developed specifically for Mac computers. A security vulnerability exists in Apple macOS Sequoia prior to version 15.7.3, which stems from a state management issue that could result in the accidental display of...

7.5CVSS6.3AI score0.00848EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/12/11 12:3 a.m.8 views

CVE-2025-52493

PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...

6.5CVSS6.8AI score0.00345EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2025/12/10 12:0 a.m.8 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description High SECURITY-3630 / CVE-2025-67635 Denial of service vulnerability in HTTP-based CLI Medium SECURITY-1809 / CVE-2025-67636 Missing permission check on password fields Medium SECURITY-783 / CVE-2025-67637 storage, CVE-2025-67638 masking Build authorization...

7.5CVSS7AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/01 12:0 a.m.7 views

CVE-2025-63531

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the remail and rpassword fields, a...

10CVSS0.00587EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/11/24 6:2 a.m.2 views

CVE-2025-13586 SourceCodester Online Student Clearance System changepassword.php sql injection

A flaw has been found in SourceCodester Online Student Clearance System 1.0. Impacted is an unknown function of the file /Admin/changepassword.php. This manipulation of the argument txtconfirmpassword causes sql injection. It is possible to initiate the attack remotely. The exploit has been...

5.8CVSS4.9AI score0.0028EPSS
Exploits1References5
Rows per page
Query Builder