18 matches found
EUVD-2019-7798
Malware in sbrugna...
EUVD-2017-18214
Malware in sbrugna...
EUVD-2022-4448
Malicious code in bioql PyPI...
EUVD-2024-40281
Malicious code in bioql PyPI...
EUVD-2025-18666
Malicious code in bioql PyPI...
Mageia: Security Advisory (MGASA-2014-0080)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
New Azure AD Bug Lets Hackers Brute-Force Passwords Without Getting Caught
Cybersecurity researchers have disclosed an unpatched security vulnerability in the protocol used by Microsoft Azure Active Directory that potential adversaries could abuse to stage undetected brute-force attacks. "This flaw allows threat actors to perform single-factor brute-force attacks agains...
CVE-2020-3541
A vulnerability in the media engine component of Cisco Webex Meetings Client for Windows, Cisco Webex Meetings Desktop App for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to gain access to sensitive information. The vulnerability is due to unsafe loggin...
CVE-2019-17396
In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...
Default credentials
In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...
Remote Authentication GeoFeasibility Tool - GeoLogonalyzer
Users have long needed to access important resources such as virtual private networks VPNs, web applications, and mail servers from anywhere in the world at any time. While the ability to access resources from anywhere is imperative for employees, threat actors often leverage stolen credentials t...
500K Members of Hacking Forum Doxxed
An underground forum called Nulled.io that helped users share stolen credentials, software cracks, and leaked content was hacked earlier this month, spilling a glut of information, including users’ email addresses, encrypted passwords, and IP addresses, among other details. According to researche...
DenyHosts: Denial of service
Background DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks. Description DenyHosts does not properly define the regular expressions used when parsing SSH authentication logs. Impact A remote attacker could possibly cause a Denial of Service...
Authentication flaw
denyhosts 2.6 uses an incorrect regular expression when analyzing authentication logs, which allows remote attackers to cause a denial of service incorrect block of IP addresses via crafted login names...
CVE-2013-6890
denyhosts 2.6 uses an incorrect regular expression when analyzing authentication logs, which allows remote attackers to cause a denial of service incorrect block of IP addresses via crafted login names...
CVE-2013-6890
CVE-2013-6890: DenyHosts 2.6 contains an incorrect regular expression in the SSH authentication log parser. This can allow a remote attacker to trigger a Denial of Service by submitting crafted login names, potentially causing incorrect blocking of IPs. Affected software/version: DenyHosts 2.6. I...
Debian Security Advisory DSA 2826-1 (denyhosts - Remote denial of ssh service)
Helmut Grohne discovered that denyhosts, a tool preventing SSH brute-force attacks, could be used to perform remote denial of service against the SSH daemon. Incorrectly specified regular expressions used to detect brute force attacks in authentication logs could be exploited by a malicious user ...
DSA-2826-1 denyhosts - Remote denial of ssh service
Bulletin has no description...