Lucene search
+L

2890 matches found

nuclei
nuclei
added yesterday17 views

PSW Front-end Login & Registration 1.13 - Weak Password Recovery

PSW Front-end Login & Registration plugin for WordPress contains a weak password recovery mechanism that can be exploited by unauthenticated attackers. This vulnerability affects versions through 1.13 and allows attackers to potentially gain unauthorized access. id: CVE-2025-47646 info: name: PSW...

9.8CVSS7AI score0.21914EPSS
Exploits3References5
cve
cve
added 3 days ago7 views

CVE-2026-5040

The CVE-2026-5040 entry applies to TP-Link Deco M5 v1. The issue stems from a weak password hashing mechanism used to store user credentials. An attacker who obtains the password hash via system compromise or privileged access could perform brute-force or dictionary attacks. Practical consequence...

7.1CVSS6.1AI score0.00093EPSS
Exploits0References3
euvd
euvd
added 5 days ago8 views

EUVD-2026-43201

A vulnerability was found in H3C NX15 V100R017. Affected by this vulnerability is the function changepasswd of the file /api/login/modify of the component Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References5
cve
cve
added 5 days ago10 views

CVE-2026-15479

The vulnerability CVE-2026-15479 affects H3C NX15 V100R017. The vulnerable component is the Administrator Password Modification Endpoint, specifically the change_passwd function at /api/login/modify. Manipulating the newPass parameter results in weak password recovery. The issue can be exploited ...

7.5CVSS6.6AI score0.00278EPSS
Exploits0References5
cvelist
cvelist
added 2026/07/09 6:26 a.m.38 views

CVE-2026-47831 Cryptographically Weak Password Generation in bosh-windows-stemcell-builder Allows Remote SSH Brute-Force Attacks

Use of a cryptographically weak random number generator in the GenerateRandomPassword function in bosh-windows-stemcell-builder allows a remote attacker to brute-force the resulting SSH login via TCP/22. Affected versions: bosh-windows-stemcell-builder versions prior to v2019.98...

7.7CVSS0.00191EPSS
Exploits0References1
cve
cve
added 2026/07/09 6:26 a.m.16 views

CVE-2026-47831

The vulnerability affects bosh-windows-stemcell-builder. The GenerateRandomPassword function uses a cryptographically weak RNG, enabling a remote attacker to brute-force SSH logins over TCP/22. Affected versions are prior to v2019.98. Mitigation: upgrade to v2019.98 or later. CVSS metrics indicat...

7.7CVSS7.1AI score0.00191EPSS
Exploits0References1
cloudfoundry
cloudfoundry
added 2026/07/08 12:0 a.m.5 views

CVE-2026-47831 - Cryptographically Weak Password Generation in bosh-windows-stemcell-builder Allows Remote SSH Brute-Force Attacks | Cloud Foundry

High CVSSv4: High 7.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSSv3: High 7.5 CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Vendor Cloud Foundry Foundation Versions Affected Severity is High unless otherwise noted. bosh-windows-stemcell-builder – All versions prior to...

7.7CVSS6AI score0.00191EPSS
Exploits0
nvd
nvd
added 2026/07/07 5:16 p.m.10 views

CVE-2026-13020

A Weak Password Recovery Mechanism for Forgotten Password exists in Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes. A remote, unauthorized attacker may assume ownership of a user’s account by manipulating this mechanism. ArcGIS Administrators should configure an...

9.8CVSS0.00234EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/07 4:39 p.m.38 views

CVE-2026-13020 Weak Password Recovery Mechanism in Portal for ArcGIS

A Weak Password Recovery Mechanism for Forgotten Password exists in Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes. A remote, unauthorized attacker may assume ownership of a user’s account by manipulating this mechanism. ArcGIS Administrators should configure an...

8.1CVSS0.00234EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/07/07 12:0 a.m.12 views

PT-2026-56205

Name of the Vulnerable Software and Affected Versions Esri Portal for ArcGIS versions prior to 12.2 Description A weak password recovery mechanism for forgotten passwords allows a remote, unauthorized attacker to assume ownership of a user account by manipulating the recovery process...

9.8CVSS6.1AI score0.00234EPSS
Exploits0References6
nvd
nvd
added 2026/07/01 8:16 a.m.9 views

CVE-2026-10540

The Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects Control-M/Enterprise Manager unsupported versions 9.0.20.x and potentiall...

5.6CVSS0.00078EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/30 1:37 p.m.9 views

CVE-2026-35097 Weak Password Requirements in KTM System e-BOK

KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any alphabetic, special, or extended characters. This issue was fixed in the patch published in June 2026...

6.9CVSS5.8AI score0.00249EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/10 9:2 p.m.14 views

CVE-2026-40639

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges...

5.7CVSS5.4AI score0.00119EPSS
Exploits0References1
euvd
euvd
added 2026/06/09 6:4 p.m.11 views

EUVD-2026-35789

Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges...

5.7CVSS5.4AI score0.00119EPSS
Exploits0References1
githubexploit
githubexploit
added 2026/06/09 5:13 a.m.79 views

Teldat-Router-CVE-2022-POC

Teldat Router CVE-2022-39996 & CVE-2022-39997 POC Proof of...

8CVSS5.6AI score0.00328EPSS
Exploits2
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.20 views

Dell Client Platform BIOS 安全漏洞

Dell Client Platform BIOS is a client platform BIOS developed by the American company Dell. There is a security vulnerability in Dell Client Platform BIOS, which stems from weak password encoding. This vulnerability could allow unverified attackers with physical access to escalate their privilege...

5.7CVSS5.2AI score0.00119EPSS
Exploits0References1
nvd
nvd
added 2026/06/08 7:16 a.m.13 views

CVE-2026-11493

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etcro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level ...

5CVSS0.00224EPSS
Exploits0References6
attackerkb
attackerkb
added 2026/06/08 5:45 a.m.10 views

CVE-2026-11493

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etcro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level ...

5CVSS5AI score0.00224EPSS
Exploits0References6Affected Software1
vulnrichment
vulnrichment
added 2026/06/08 5:45 a.m.8 views

CVE-2026-11493 Tenda AC15 Samba smb.conf weak password

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etcro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level ...

5CVSS5AI score0.00224EPSS
Exploits0References6
euvd
euvd
added 2026/06/08 5:45 a.m.13 views

EUVD-2026-35024

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etcro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level ...

5CVSS5AI score0.00224EPSS
Exploits0References6
Rows per page
Query Builder