DjangoBlog Security Vulnerability
DjangoBlog is a blog system developed by liangliangyy using Django. DjangoBlog versions 2.1.0.0 and earlier have security vulnerabilities. These vulnerabilities stem from operations on the owntracks/views.py file, which results in a lack of authentication protection, potentially allowing for...
EUVD-2016-7710
Malware in sbrugna...
EUVD-2018-12525
Malware in sbrugna...
EUVD-2020-28017
Malware in sbrugna...
Beyond Vulnerabilities: A Survey of Adversarial Attacks as Both Threats and Defenses in Computer Vision Systems
Adversarial attacks against computer vision systems have emerged as a critical research area that challenges the fundamental assumptions about neural network robustness and security. This comprehensive survey examines the evolving landscape of adversarial techniques, revealing their dual nature a...
Brute Force
Overview: Affected versions of this package are vulnerable to Brute Force due to the lack of password policy and brute-force protection in the authentication process. An attacker can gain unauthorized access to user accounts by performing automated brute-force attacks. Remediation: Upgrade...
wildfly-elytron: possible timing attacks via use of unsafe comparator
A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or...
CVE-2020-6875
A ZTE product is impacted by an improper access control vulnerability. Due to the lack of an authentication protection mechanism in the program, attackers could use this vulnerability to gain access rights through brute-force attacks. This affects:...
CVE-2024-5313
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that exposes an SSH interface over the product network interface. This does not allow direct exploitation of the product or any unintended operation, as access to the SSH interface is protected by an authentication mechanism. Impact...
CVE-2024-36266
CVE-2024-36266 affects Siemens PowerSys (all versions before v3.11). The vulnerability centers on improper authentication: PowerSys reportedly returns responses to authentication requests that can be exploited by a local attacker to bypass authentication and obtain administrative privileges on ma...
CVE-2020-7323
Authentication Protection Bypass vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen by triggering certain detection events while the computer screen is locked and McTray.exe is running...
CVE-2020-7323
McAfee Endpoint Security (ENS) for Windows is affected up to version 10.7.0. The issue is an Authentication Protection Bypass where a local, physically present attacker can bypass the Windows lock screen by triggering certain ENS detection events while McTray.exe is running with elevated privileg...
CVE-2019-3621 DLP Endpoint Windows lock screen bypass with physical access
Authentication protection bypass vulnerability in McAfee Data Loss Prevention DLPe for Windows 11.x prior to 11.3.0 allows a physical local user to bypass the Windows lock screen by killing DLPe processes just prior to the screen being locked or while the screen is locked. The attacker require...
CVE-2019-3621
CVE-2019-3621 affects McAfee Data Loss Prevention Endpoint (DLPe) for Windows 11.x prior to 11.3.0. The vulnerability is an authentication protection bypass where a physical local user can bypass the Windows lock screen by interfering with DLPe processes (killed just before or while the screen is...