Lucene search
K

17 matches found

GithubExploit
GithubExploit
added 2026/05/29 1:42 p.m.91 views

Exploit for CVE-2026-44596

CVE-2026-44596 — YAMCS No Rate Limiting on Authentication Endp...

5.8AI score0.00052EPSS
Exploits2
NVD
NVD
added 2026/05/28 5:16 p.m.21 views

CVE-2026-8697

Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64 v1, the SSH service allows unlimited authentication attempts and uses the same credentials as the web interface. This enables an attacker to brute-force valid credentials via SSH. Successful...

8.8CVSS0.0051EPSS
Exploits0References2
OSV
OSV
added 2026/01/07 9:15 p.m.4 views

CVE-2025-66620

An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the fil...

7.2CVSS5.8AI score0.00415EPSS
Exploits0References2
NVD
NVD
added 2026/01/07 9:15 p.m.5 views

CVE-2025-66620

An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the fil...

8.6CVSS0.00415EPSS
Exploits0References2
CVE
CVE
added 2026/01/07 8:8 p.m.10 views

CVE-2025-66620

CVE-2025-66620 concerns Columbia Weather Systems MicroServer. Reports describe an unused webshell that allows unlimited login attempts and sudo rights on select files/directories. An attacker with admin access can gain a limited shell, enable persistence (reverse shells), and modify or remove fil...

8.6CVSS6.5AI score0.00415EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/01/07 8:8 p.m.23 views

CVE-2025-66620 Columbia Weather Systems MicroServer Command Shell in Externally Accessible Directory

An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the fil...

8.6CVSS0.00415EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.8 views

PT-2026-1859

Name of the Vulnerable Software and Affected Versions MicroServer affected versions not specified Description An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell...

8.6CVSS6.3AI score0.00415EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/11/20 12:0 a.m.17 views

PT-2025-47659

Name of the Vulnerable Software and Affected Versions EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products affected versions not specified Description The software does not limit the number of authentication attempts, potentially allowing an attacker to identify an...

9.8CVSS9.1AI score0.00422EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-11552

Malware in sbrugna...

6.8CVSS6.6AI score0.01191EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/07/16 10:14 a.m.5 views

CVE-2024-9342

In Eclipse GlassFish versions before 8.0.3 it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts. GlassFish 8.0.3 adds automatic attack protection documented in...

9.8CVSS5.2AI score0.00403EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/09/11 1:15 p.m.4 views

CVE-2024-45790

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack against legitimate user passwords, which could lead to...

9.8CVSS5.8AI score0.00564EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/18 12:0 a.m.6 views

Argo CD Security Vulnerability

Argo CD is a software application. A declarative GitOps continuous delivery tool for Kubernetes. It continuously monitors running applications and compares the current live state with the desired target state e.g. configuration in the Git repository, automatically synchronizing and deploying...

9.8CVSS6.7AI score0.00751EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/06 12:0 a.m.6 views

Fortinet FortiSandbox 安全漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A security vulnerability exists in Fortinet FortiSandbox versions 4.0.0 throug...

7.5CVSS7.3AI score0.00613EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/04 12:0 a.m.4 views

showdoc 安全特征问题漏洞

showdoc is an open source tool ideal for IT teams to share documents online. showdoc in the security features problematic vulnerability , the vulnerability stems from the lack of a limit on the number of client logins and thus vulnerable to password weak pseudo-random number generator PRNG attack...

7.5CVSS6.5AI score0.01064EPSS
Exploits0References3
NVD
NVD
added 2019/06/19 4:15 p.m.13 views

CVE-2018-19878

An issue was discovered on Teltonika RTU950 R31.04.89 devices. The application allows a user to login without limitation. For every successful login request, the application saves a session. A user can re-login without logging out, causing the application to store the session in memory...

6.8CVSS6.4AI score0.01191EPSS
Exploits0References2
OSV
OSV
added 2019/06/19 4:15 p.m.5 views

CVE-2018-19878

An issue was discovered on Teltonika RTU950 R31.04.89 devices. The application allows a user to login without limitation. For every successful login request, the application saves a session. A user can re-login without logging out, causing the application to store the session in memory...

6.5CVSS5.8AI score0.01191EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/06/19 3:21 p.m.22 views

CVE-2018-19878

An issue was discovered on Teltonika RTU950 R31.04.89 devices. The application allows a user to login without limitation. For every successful login request, the application saves a session. A user can re-login without logging out, causing the application to store the session in memory...

6.5AI score0.01191EPSS
Exploits0References2
Rows per page
Query Builder