EUVD-2026-34094

ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s date of birth e.g., 12072000 for 12 July 2000. The application does not require or prompt users to change the password upon first login. This behavior...

LLMs Generate Predictable Passwords

LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen easily: All of the passwords start with a letter, usually uppercase G, almost always followed by the digit 7. Character choices are highly uneven ­ for example, L , 9, m, 2, $ and...

AI-generated passwords are a security risk

Using Artificial Intelligence AI to generate your passwords is a bad idea. It's likely to give that password to a criminal who can then use it in a dictionary attack—which is when an attacker runs through a prepared list of likely passwords words, phrases, patterns with automated tools until one ...

BrightSign OS 安全漏洞

BrightSign OS is an operating system designed for hardware players by the American company BrightSign. Versions prior to BrightSign OS Series 4 v8.5.53.1 and Series 5 v9.0.166 contained security vulnerabilities. These vulnerabilities stemmed from the use of predictable default passwords, which...

newbee-mall 信任管理问题漏洞

newbee-mall is an e-commerce system developed under open source by newbee. newbee-mall has a vulnerability related to trust management. This vulnerability stems from the database initialization script, which includes pre-set administrator accounts with predictable default passwords. This allows...

CVE-2025-41692 Weak/Predictable root Password

A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak password generation algorithm...

PT-2025-49779

WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword to create passwords using PHP's rand. rand is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege...

EUVD-2002-0223

Malware in sbrugna...

EUVD-2013-4584

Malware in sbrugna...

EUVD-2013-4313

Malware in sbrugna...

EUVD-2020-26547

Malware in sbrugna...

EUVD-2017-9161

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2013-4441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context- dependent attackers to guess the password via a brute-force...

CVE-2024-25729

Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last octet...

CVE-2013-4734

dasdecmkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors...

Design/Logic Flaw

Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last octet...

PT-2024-13443 · Technicolor · Technicolor Tc8715D

Name of the Vulnerable Software and Affected Versions: Technicolor TC8715D affected versions not specified Description: The issue concerns Technicolor TC8715D devices, which have predictable default WPA2 security passwords. An attacker who scans for SSID and BSSID values may be able to predict...

SUSE CVE-2013-4441

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack...

CVE-2022-25219

A null byte interaction error has been discovered in the code that the telnetdstartup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP...

CVE-2022-25219

CVE-2022-25219/25218 describe a flaw in the telnetd_startup routine where the use of RSA without padding (or OAEP) enables an unauthenticated attacker on the local network to influence the decrypted plaintext via crafted UDP packets, potentially gaining a root shell. The 25219 issue centers on a ...