19 matches found
EUVD-2019-2461
Malware in sbrugna...
EUVD-2001-0048
Malware in sbrugna...
EUVD-2017-14249
Malware in sbrugna...
EUVD-2025-23885
Malicious code in bioql PyPI...
EUVD-2022-53477
Malicious code in bioql PyPI...
EUVD-2022-0104
Malicious code in bioql PyPI...
EUVD-2024-43407
Malicious code in bioql PyPI...
EUVD-2022-52913
Malicious code in bioql PyPI...
CVE-2020-35185
The official ghost docker images before 2.16.1-alpine Alpine specific contain a blank password for a root user. System using the ghost docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password...
D-Link DIR-605L/DIR-618 formSetPassword Function Access Control Error Vulnerability
The D-Link DIR-605L and D-Link DIR-618 are both a wireless router from China-based AUO D-Link. An Access Control Error vulnerability exists in the D-Link DIR-618 version 2.02 and the D-Link DIR-605L version 3.02, which stems from improper access control of the file /goform/formSetPassword, and ca...
CVE-2025-27656
Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Password Stored in Process List V-2023-011...
CVE-2025-22273
Application does not limit the number or frequency of user interactions, such as the number of incoming requests. At the "/EPMUI/VfManager.asmx/ChangePassword" endpoint it is possible to perform a brute force attack on the current password in use. This issue affects CyberArk Endpoint Privilege...
CVE-2020-5229
Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is problematic especially...
CVE-2024-45833
Mattermost Mobile Apps versions =2.18.0 fail to disable autocomplete during login while typing the password and visible password is selected, which allows the password to get saved in the dictionary when the user has Swiftkey as the default keyboard, the masking is off and the password contains a...
CVE-2023-33263
In WFTPD 3.25, usernames and password hashes are stored in an openly viewable wftpd.ini configuration file within the WFTPD directory. NOTE: this is a product from 2006...
Fluent Fluentd and Fluent-ui use default password
An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2.2 that allows attackers to gain escilated privileges and execute arbitrary code due to use of a default password...
PT-2022-8323 · 3S Smart Software Solutions +1 · Codesys Development System +1
Name of the Vulnerable Software and Affected Versions: Pilz PMC programming tool versions 3.x through 3.5.16 Description: A security issue allows an attacker to change a user's password without knowing the current password. This is possible in the Pilz PMC programming tool, which is based on the...
MGASA-2015-0110 Updated moodle packages fix security vulnerabilities
Updated moodle package fixes security vulnerabilities: In Moodle before 2.6.9, by modifying URL a logged in user can view the list of another user's contacts, number of unread messages and list of their courses CVE-2015-2266. In Moodle before 2.6.9, authentication in mdeploy can be bypassed. It i...
CVE-2005-0288
The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords...