Lucene search
+L

50 matches found

CVE
CVE
added 2022/03/07 9:56 p.m.110 views

CVE-2022-25219

CVE-2022-25219/25218 describe a flaw in the telnetd_startup routine where the use of RSA without padding (or OAEP) enables an unauthenticated attacker on the local network to influence the decrypted plaintext via crafted UDP packets, potentially gaining a root shell. The 25219 issue centers on a ...

8.4CVSS7.9AI score0.00758EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2022/03/02 12:0 a.m.16 views

Fortinet FortiPortal Security Feature Issue Vulnerability

Fortinet FortiPortal is an advanced, feature-rich managed security analysis and management support tool for Fortinet's FortiGate, FortiWiFi, and FortiAP product lines, available as a virtual machine for use by MSPs. versions, a security feature issue vulnerability exists that stems from the use o...

8.1CVSS1AI score0.01136EPSS
Exploits0References1
CVE
CVE
added 2021/06/16 11:35 a.m.43 views

CVE-2021-32033

CVE-2021-32033 affects Protectimus SLIM NFC 70 with firmware 10.01. The root cause is that the device’s internal real-time clock (RTC) can be set independently from the TOTP seed, without authentication, allowing an attacker with short-term physical access to set the clock forward, generate futur...

4.6CVSS4.6AI score0.00522EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2021/05/14 11:15 a.m.22 views

CVE-2020-27020

Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information for example, time of password generation...

7.5CVSS0.00739EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/03/20 12:0 a.m.38 views

Amazon Linux AMI : cloud-init (ALAS-2021-1486)

The version of cloud-init installed on the remote host is prior to 0.7.6-43.23. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1486 advisory. A flaw was found in cloud-init, where it uses the random.choice function when creating sensitive random strings used...

5.5CVSS5.9AI score0.00438EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2020/04/30 12:0 a.m.32 views

Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2020-1519)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.01403EPSS
Exploits0References2
Prion
Prion
added 2020/02/05 2:15 p.m.21 views

Design/Logic Flaw

cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because randstr in cloudinit/util.py calls the random.choice function...

2.1CVSS5.4AI score0.00438EPSS
Exploits0References4Affected Software3
NVD
NVD
added 2020/01/27 5:15 p.m.23 views

CVE-2013-4441

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack...

9.8CVSS9.5AI score0.02024EPSS
Exploits0References4
OSV
OSV
added 2020/01/27 5:15 p.m.4 views

CVE-2013-4441

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack...

9.8CVSS6.8AI score
Exploits0References8
OSV
OSV
added 2020/01/27 5:15 p.m.3 views

DEBIAN-CVE-2013-4441

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack...

9.8CVSS8.5AI score0.02024EPSS
Exploits0References1
Prion
Prion
added 2020/01/27 5:15 p.m.18 views

Default credentials

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack...

5CVSS7.1AI score0.02024EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/01/27 4:8 p.m.23 views

CVE-2013-4441

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack...

9.5AI score0.02024EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2020/01/27 4:8 p.m.44 views

CVE-2013-4441

The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack...

9.8CVSS9.5AI score0.02024EPSS
Exploits0
CVE
CVE
added 2020/01/27 4:8 p.m.52 views

CVE-2013-4441

Pwgen 2.06’s Phonemes mode produces predictable passwords, enabling context-dependent attackers to brute-force-guess passwords. Affected: Pwgen 2.06; root cause: predictability in Phonemes mode. Remediation/patch details are not provided in the connected documents.

9.8CVSS9.3AI score0.02024EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2019/12/19 9:15 p.m.28 views

Default credentials

A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.4, when /websocket is requested and the password contains the '' character. This request would cause a socket error in RabbitMQ when parsing the password and an HTTP error code 500 and partial password disclose wi...

5CVSS6AI score0.01108EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/01/05 7:29 p.m.14 views

Default credentials

It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI...

5CVSS9.6AI score0.02363EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2018/01/05 7:29 p.m.5 views

UBUNTU-CVE-2017-18021

It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI...

9.8CVSS5.8AI score0.02363EPSS
Exploits1References6
OSV
OSV
added 2018/01/05 7:29 p.m.1 views

DEBIAN-CVE-2017-18021

It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI...

9.8CVSS9.5AI score0.02363EPSS
Exploits1References1
CNVD
CNVD
added 2015/11/26 12:0 a.m.4 views

Trust Management Vulnerability in Multiple Arris Devices (CNVD-2015-07832)

The Arris DG860A, TG862A and TG862G are modem products from the Arris Group of Companies. A security vulnerability exists in a number of Arris devices that stems from the program's use of predictable technician passwords. The vulnerability can be exploited by a remote attacker to gain access via...

4.3CVSS7.2AI score0.02479EPSS
Exploits1References1
NVD
NVD
added 2015/11/21 11:59 a.m.24 views

CVE-2009-5149

Arris DG860A, TG862A, and TG862G devices with firmware TS0703128100611 through TS0705125D031115 have predictable technician passwords, which makes it easier for remote attackers to obtain access via the web management interface, related to a "password of the day" issue...

4.3CVSS6.8AI score0.02479EPSS
Exploits1References4
Rows per page
Query Builder