Lucene search
K

71 matches found

CNNVD
CNNVD
added 2024/03/21 12:0 a.m.4 views

CDeX 安全漏洞

CDeX is a free software package from CDeX Inc. for extracting digital audio from audio CDs and converting audio formats for Microsoft Windows. A security vulnerability exists in CDeX 5.7.1 and earlier versions that originated from allowing an attacker to conduct a brute force attack against a val...

8CVSS6.3AI score0.00598EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/02/06 12:0 a.m.6 views

CVE-2023-47354

An issue in the PowerOffWidgetReceiver function of Super Reboot Root Recovery v1.0.3 allows attackers to arbitrarily reset or power off the device via a crafted intent...

7.5AI score0.00269EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/01/02 12:31 a.m.10 views

CVE-2024-0186 HuiRan Host Reseller System HTTP POST Request password recovery

A vulnerability classified as problematic has been found in HuiRan Host Reseller System up to 2.0.0. Affected is an unknown function of the file /user/index/findpass?do=4 of the component HTTP POST Request Handler. The manipulation leads to weak password recovery. It is possible to launch the...

3.7CVSS8.3AI score0.00606EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/10 12:0 a.m.7 views

PHPGurukul Nipah virus Testing Management System SQL Injection Vulnerability

PHPGurukul Nipah Virus Testing Management System is an online virus diagnostic platform from PHPGurukul Inc. An injection vulnerability exists in version 1.0 of the PHPGurukul Nipah Virus Testing Management System, which originates from a SQL injection vulnerability in the file...

9.8CVSS7.9AI score0.00989EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2023/09/06 12:0 a.m.4 views

PT-2023-24837 · Soar Cloud · Soar Cloud Ltd. Hr Portal

Name of the Vulnerable Software and Affected Versions: Soar Cloud Ltd. HR Portal affected versions not specified Description: The issue concerns a weak Password Recovery Mechanism for Forgotten Password in the Soar Cloud Ltd. HR Portal. The reset password link sent out through e-mail remains vali...

7.8CVSS7.5AI score0.00169EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/08/31 12:0 a.m.5 views

Acronis Cyber Protect 安全漏洞

Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Singapore. It combines backup, anti-malware, cybersecurity and endpoint management features such as vulnerability assessment, URL filtering, patch management, and more. A security vulnerabili...

7.8CVSS6.8AI score0.00166EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/01 12:0 a.m.7 views

CVE-2023-33754

The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on the number of attempts for password recovery, allowing attackers to brute force valid user accounts to gain access to login credentials...

6.7AI score0.00656EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/04/08 12:0 a.m.11 views

PT-2023-17363 · Unknown · Phpgurukul Bp Monitoring Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul BP Monitoring Management System version 1.0 Description: A critical issue has been found in the Password Recovery component, specifically in the file password-recovery.php. The manipulation of the emailid or contactno argument lead...

9.8CVSS7.6AI score0.00737EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2022/12/16 12:0 a.m.8 views

CVE-2022-47377

Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version = 1.13.4 as soon as possible available in SICK Support Portal...

9.7AI score0.00883EPSS
Exploits0References1
NVD
NVD
added 2022/11/01 9:15 p.m.27 views

CVE-2022-27584

Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby...

9.8CVSS0.01235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/01 12:0 a.m.6 views

CVE-2022-43990

Password recovery vulnerability in SICK SIM1012 Partnumber 1098146 with firmware version = 2.2.0 as soon as possible available in SICK Support Portal...

7.5AI score0.00807EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/01 12:0 a.m.26 views

CVE-2022-27585

Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware version = 1.6.0 as soon as possible available in SICK Support Portal...

9.8AI score0.01235EPSS
Exploits0References1
CVE
CVE
added 2022/11/01 12:0 a.m.45 views

CVE-2022-27582

CVE-2022-27582 affects SICK SIM4000 (PPC) Partnumber 1078787, with versions <= 1.10.1. A password recovery mechanism allows an unprivileged remote attacker to gain access to the user level RecoverableUserLevel, resulting in privilege elevation and impact to confidentiality, integrity, and avai...

9.8CVSS9.6AI score0.01235EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/11/01 12:0 a.m.26 views

CVE-2022-27582

Password recovery vulnerability in SICK SIM4000 PPC Partnumber 1078787 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and there...

9.9AI score0.01235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/01 12:0 a.m.3 views

CVE-2022-27586

Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version = 2.0.0 as soon as possible available in SICK Support Portal...

9.7AI score0.01235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/01 12:0 a.m.6 views

CVE-2022-27584

Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby...

9.7AI score0.01235EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/10/10 12:0 a.m.7 views

The vulnerability of the JDBC platform integration data processing server Apache InLong’s URL address handler allows a attacker to execute arbitrary code.

The vulnerability of the JDBC URL connection handler of the Apache InLong data integration platform is related to the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8AI score0.02143EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/08/09 8:15 p.m.4 views

CVE-2022-35811

Azure Site Recovery Elevation of Privilege Vulnerability...

6.5CVSS6.9AI score0.01625EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2022/08/09 8:8 p.m.7 views

EUVD-2022-38675

Azure Site Recovery Elevation of Privilege Vulnerability...

8.1CVSS8AI score0.01614EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/08/09 7:59 p.m.5 views

CVE-2022-35776 Azure Site Recovery Denial of Service Vulnerability

...

6.2CVSS6.3AI score0.00787EPSS
Exploits0References1
Rows per page
Query Builder