10680 matches found
WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting
WordPress Anti-Malware Security and Brute-Force Firewall plugin before 4.21.83 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape some parameters before outputting them back in an admin dashboard. id: CVE-2022-2599 info: name: WordPress Anti-Malware Security an...
EUVD-2026-36938
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...
CVE-2026-39478
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...
CVE-2026-39478 WordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.23.87 - PHP Object Injection vulnerability
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...
Brute Force Attack
Yamcs Core is vulnerable to Brute Force Attack. The vulnerability is due to the absence of rate limiting, account lockout, and failed login throttling on the /auth/token endpoint, which allows an attacker to perform unlimited password-guessing attempts and conduct brute-force attacks against user...
exploit-scripts
Offensive Security Toolkit ╔═════════════════════════════...
PT-2026-49380
Contributor PHP Object Injection in Anti-Malware Security and Brute-Force Firewall = 4.23.87 versions...
CVE-2026-42604 Actual has an OpenID `client_secret` Disclosure via Broken Authorization Guard in `/openid/config`
Actual is a local-first personal finance tool. The POST /openid/config endpoint in Actual Budget's sync-server versions = 26.4.0 exposes the full OpenID Connect configuration—including the OAuth2 clientsecret—to any caller who knows the bootstrap password. The endpoint also lacks authentication a...
CVE-2026-5792
Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...
CVE-2026-5792 Authentication Bypass in Hedef Media's Related Marketing Cloud (RMC)
Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...
EUVD-2026-36486
Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...
CVE-2026-5792
CVE-2026-5792 is described as an authentication bypass by spoofing vulnerability in Related Marketing Cloud (RMC) used by Hedef Media Promotion Interactive Media Marketing Inc. The issue affects RMC up to 12052026. The NVD entry provides a CVSS 3.1 base score of 6.5 (Network, Low attack complexit...
CVE-2026-5792 Authentication Bypass in Hedef Media's Related Marketing Cloud (RMC)
Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...
PT-2026-48918
Name of the Vulnerable Software and Affected Versions Related Marketing Cloud RMC versions prior to 12052026 Description An authentication bypass by spoofing issue in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows for brute force attacks. Recommendations...
dvwa-web-attack-lab
Web Application Penetration Testing Lab Platform: Kali Li...
network-intrusion-detector
network-intrusion-detector A Python tool that analyses web se...
Brute force attack protection - Critical - Unsupported - SA-CONTRIB-2026-047
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...
2625
LogSentinel – Intelligent Web Log Security Analysis Platform...
CVE-2026-46749
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected application uses a password hashing implementation with a static, hardcoded salt shared across all users and installations, and is configured with an insufficient number of iterations. This could allow a...
CVE-2026-46749
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected application uses a password hashing implementation with a static, hardcoded salt shared across all users and installations, and is configured with an insufficient number of iterations. This could allow a...