71 matches found
CDeX 安全漏洞
CDeX is a free software package from CDeX Inc. for extracting digital audio from audio CDs and converting audio formats for Microsoft Windows. A security vulnerability exists in CDeX 5.7.1 and earlier versions that originated from allowing an attacker to conduct a brute force attack against a val...
CVE-2023-47354
An issue in the PowerOffWidgetReceiver function of Super Reboot Root Recovery v1.0.3 allows attackers to arbitrarily reset or power off the device via a crafted intent...
CVE-2024-0186 HuiRan Host Reseller System HTTP POST Request password recovery
A vulnerability classified as problematic has been found in HuiRan Host Reseller System up to 2.0.0. Affected is an unknown function of the file /user/index/findpass?do=4 of the component HTTP POST Request Handler. The manipulation leads to weak password recovery. It is possible to launch the...
PHPGurukul Nipah virus Testing Management System SQL Injection Vulnerability
PHPGurukul Nipah Virus Testing Management System is an online virus diagnostic platform from PHPGurukul Inc. An injection vulnerability exists in version 1.0 of the PHPGurukul Nipah Virus Testing Management System, which originates from a SQL injection vulnerability in the file...
PT-2023-24837 · Soar Cloud · Soar Cloud Ltd. Hr Portal
Name of the Vulnerable Software and Affected Versions: Soar Cloud Ltd. HR Portal affected versions not specified Description: The issue concerns a weak Password Recovery Mechanism for Forgotten Password in the Soar Cloud Ltd. HR Portal. The reset password link sent out through e-mail remains vali...
Acronis Cyber Protect 安全漏洞
Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Singapore. It combines backup, anti-malware, cybersecurity and endpoint management features such as vulnerability assessment, URL filtering, patch management, and more. A security vulnerabili...
CVE-2023-33754
The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on the number of attempts for password recovery, allowing attackers to brute force valid user accounts to gain access to login credentials...
PT-2023-17363 · Unknown · Phpgurukul Bp Monitoring Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul BP Monitoring Management System version 1.0 Description: A critical issue has been found in the Password Recovery component, specifically in the file password-recovery.php. The manipulation of the emailid or contactno argument lead...
CVE-2022-47377
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version = 1.13.4 as soon as possible available in SICK Support Portal...
CVE-2022-27584
Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby...
CVE-2022-43990
Password recovery vulnerability in SICK SIM1012 Partnumber 1098146 with firmware version = 2.2.0 as soon as possible available in SICK Support Portal...
CVE-2022-27585
Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware version = 1.6.0 as soon as possible available in SICK Support Portal...
CVE-2022-27582
CVE-2022-27582 affects SICK SIM4000 (PPC) Partnumber 1078787, with versions <= 1.10.1. A password recovery mechanism allows an unprivileged remote attacker to gain access to the user level RecoverableUserLevel, resulting in privilege elevation and impact to confidentiality, integrity, and avai...
CVE-2022-27582
Password recovery vulnerability in SICK SIM4000 PPC Partnumber 1078787 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and there...
CVE-2022-27586
Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version = 2.0.0 as soon as possible available in SICK Support Portal...
CVE-2022-27584
Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby...
The vulnerability of the JDBC platform integration data processing server Apache InLong’s URL address handler allows a attacker to execute arbitrary code.
The vulnerability of the JDBC URL connection handler of the Apache InLong data integration platform is related to the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2022-35811
Azure Site Recovery Elevation of Privilege Vulnerability...
EUVD-2022-38675
Azure Site Recovery Elevation of Privilege Vulnerability...
CVE-2022-35776 Azure Site Recovery Denial of Service Vulnerability
...