Lucene search
+L

228 matches found

CVE
CVE
added 2025/06/30 11:2 p.m.25 views

CVE-2025-6932

CVE-2025-6932 affects D-Link DCS-7517 (firmware up to 2.02.0) due to a vulnerability in the Qlync Password Generation Handler’s function g_F_n_GenPassForQlync in /bin/httpd. The root cause is the use of a hard-coded password, enabling remote initiation of an attack. Public disclosures exist, but ...

6.3CVSS4.3AI score0.00866EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/30 10:32 p.m.3 views

CVE-2025-6931 D-Link DCS-6517/DCS-7517 Root Password Generation httpd generate_pass_from_mac entropy

A vulnerability classified as problematic was found in D-Link DCS-6517 and DCS-7517 up to 2.02.0. Affected by this vulnerability is the function generatepassfrommac of the file /bin/httpd of the component Root Password Generation Handler. The manipulation leads to insufficient entropy. The attack...

6.3CVSS7.1AI score0.01586EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/06/30 12:0 a.m.3 views

PT-2025-27482 · D Link · D-Link Dcs-7517 +1

Name of the Vulnerable Software and Affected Versions: D-Link DCS-6517 versions up to 2.02.0 D-Link DCS-7517 versions up to 2.02.0 Description: A vulnerability was found in the function generate pass from mac of the file /bin/httpd of the component Root Password Generation Handler. The manipulati...

7.4CVSS3.9AI score0.01586EPSS
Exploits1References14
CNNVD
CNNVD
added 2025/06/30 12:0 a.m.3 views

D-Link DCS-6517和D-Link DCS-7517 安全特征问题漏洞

The D-Link DCS-6517 and D-Link DCS-7517 are both network cameras from China AUO D-Link. A security signature issue vulnerability exists in D-Link DCS-6517 and D-Link DCS-7517 versions 2.02.0 and earlier, which stems from insufficient entropy in the password generation function...

7.4CVSS4.9AI score0.01586EPSS
Exploits1References9
NCSC
NCSC
added 2025/06/05 10:25 a.m.5 views

Vulnerability fixed in Cisco Identity Services Engine for cloud platforms

Cisco has fixed a vulnerability in Identity Services Engine ISE for cloud platforms. The vulnerability involves a flaw in automatic password generation when Cisco ISE is installed on a cloud platform. This causes the same passwords to be used in different ISE cloud environments. This allows an...

9.9CVSS7AI score0.01083EPSS
Exploits0References1
NVD
NVD
added 2025/05/26 10:15 a.m.17 views

CVE-2025-4057

A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies...

5.5CVSS0.00148EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 10:36 a.m.11 views

CVE-2024-47126

The goTenna Pro App does not use SecureRandom when generating passwords for sharing cryptographic keys. The random function in use makes it easier for attackers to brute force this password if the broadcasted encryption key is captured over RF. This only applies to the optional broadcast of an...

8.8CVSS7.1AI score0.00238EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:24 p.m.8 views

CVE-2020-27020

Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information for example, time of password generation...

7.5CVSS6.7AI score0.00739EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:51 a.m.11 views

CVE-2019-10908

In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang.RandomStringUtils, which uses java.util.Random internally. This PRNG has a 48-bit seed that can easily be bruteforced, leading to trivial privilege escalation attacks...

9.8CVSS7.2AI score0.01611EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:46 a.m.8 views

CVE-2011-4931

gpw generates shorter passwords than required...

7.5CVSS6.9AI score0.01503EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:26 a.m.10 views

CVE-2011-4860

The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a ...

10CVSS7AI score0.02756EPSS
Exploits0References1
Fedora
Fedora
added 2025/04/15 6:37 p.m.9 views

[SECURITY] Fedora 41 Update: perl-Crypt-URandom-Token-0.003-1.fc41

This module provides a secure way to generate a random token for passwords and similar using Crypt::URandom as the source of random bits...

4CVSS4.3AI score0.0011EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2016-4980

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A password generation weakness exists in xquest through 2016-06-13. CVE-2016-4980 Note that Nessus relies on the presence of the package as reported by the...

2.5CVSS4.8AI score0.00322EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/07 12:0 a.m.5 views

Cisco Secure Email Gateway Privelege Escalation (cisco-sa-esa-sma-wsa-multi-yKUJhS34)

According to its self-reported version, Secure Email Gateway is affected by a vulnerability. - A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance coul...

6.7CVSS5.9AI score0.00183EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.3 views

Smartcom SAM-4G1G-TT-W-VC和Smartcom SAM-4F1F-TT-W-A1 安全漏洞

The Smartcom SAM-4G1G-TT-W-VC and Smartcom SAM-4F1F-TT-W-A1 are both wireless routers from Smartcom. A security vulnerability exists in the Smartcom SAM-4G1G-TT-W-VC and Smartcom SAM-4F1F-TT-W-A1 that stems from a weak default WiFi password generation algorithm that could allow a remote attacker ...

5.7CVSS6.7AI score0.00227EPSS
Exploits0References2
NVD
NVD
added 2025/02/05 5:15 p.m.17 views

CVE-2025-20185

A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must...

6.7CVSS0.00183EPSS
Exploits0References1
OSV
OSV
added 2025/02/05 5:15 p.m.3 views

CVE-2025-20185

A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must...

6.7CVSS6AI score0.00183EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/05 4:14 p.m.5 views

CVE-2025-20185 Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability

A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must...

3.4CVSS7.5AI score0.00183EPSS
Exploits0References1
CVE
CVE
added 2025/02/05 4:14 p.m.70 views

CVE-2025-20185

CVE-2025-20185 affects Cisco AsyncOS Software (Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance). A vulnerability in the remote access password generation algorithm allows an authenticated, local attacker (with valid administrator credentials) to escalate privile...

6.7CVSS7.5AI score0.00183EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 1:44 p.m.10 views

CVE-2020-13365

Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21AASZ.4C0, V5.21AASZ.0C0, V5.11AASZ.3C0, and V5.11AASZ.0C0; NAS542 V5.11ABAG.0C0,...

9CVSS7AI score0.00972EPSS
Exploits0
Rows per page
Query Builder