18 matches found
Soosyze CMS 2.0 Brute Forcer
Soosyze CMS version 2.0 authentication brute forcing tool that leverages an absence of rate limiting on the /user/login endpoint.
EUVD-2025-15580
Malicious code in bioql PyPI...
EUVD-2025-15581
Malicious code in bioql PyPI...
EUVD-2025-15582
Malicious code in bioql PyPI...
laravel-auth0 SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
Overview Session cookies of applications using the laravel-auth0 SDK configured with CookieStore have authentication tags that can be brute forced, which may result in unauthorized access. Am I Affected? You are affected by this vulnerability if you meet the following pre-conditions: 1...
GHSA-9FWJ-9MJF-RHJ3 laravel-auth0 SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
Overview Session cookies of applications using the laravel-auth0 SDK configured with CookieStore have authentication tags that can be brute forced, which may result in unauthorized access. Am I Affected? You are affected by this vulnerability if you meet the following pre-conditions: 1...
GHSA-2F4R-34M4-3W8Q Auth0 Wordpress plugin Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
Overview Session cookies of applications using the Auth0 Wordpress plugin configured with CookieStore have authentication tags that can be brute forced, which may result in unauthorized access. Am I Affected? You are affected by this vulnerability if you meet the following pre-conditions: 1...
Red Hat WildFly Elytron Security Vulnerability
Red Hat WildFly Elytron is a security framework for application servers from Red Hat USA. The product supports features such as configuring administrative access rights to servers. A security vulnerability exists in Red Hat WildFly Elytron, which stems from an insufficiently restricted...
Akira Ransomware Exploits Cisco Zero-Day Vulnerability
Summary: The zero-day vulnerability, identified as CVE-2023-20269, is a concerning security issue that impacts the remote access VPN feature of Cisco ASA Adaptive Security Appliance and FTD Firepower Threa...
CVE-2023-3548
An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack...
CVE-2023-3548
CVE-2023-3548 affects Johnson Controls IQ Wifi 6 firmware versions prior to 2.0.2. The vulnerability is described as an improper restriction of excessive authentication attempts (CWE-307) that could allow an unauthorized user to gain account access via a brute-force authentication attack over the...
PiiGAB M-Bus Security Vulnerability
PiiGAB M-Bus is a communication protocol used between meters and centralized data collection systems or prepaid units from PiiGAB. A security vulnerability exists in PiiGAB M-Bus version 900S, which stems from an unlimited number of login attempts and could allow an attacker to perform brute forc...
Ovarro TBox RTUs Security Features Issue Vulnerability
Ovarro TBox RTUs is a modular remote monitoring and automation solution from Ovarro Germany. Ovarro TBox RTUs has a security features issue vulnerability that arises from the use of insufficient entropy to generate software security tokens, where the random seed used to generate the...
Multiple Belden Hirschmann Switch Products Brute Force Vulnerabilities
Belden Hirschmann RS, etc. are switch products of Belden USA. A security vulnerability exists in the web interface of multiple Belden Hirschmann switch products, which stems from the program failing to properly limit the number of authentication requests. An attacker could use this vulnerability ...
CVE-2018-5469
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An improper restriction of excessive authentication vulnerability in the web interface has been identified,...
McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
Source: https://nation.state.actor/mcafee.html Vulnerabilities: CVE-2016-8016: Remote Unauthenticated File Existence Test; CVE-2016-8017: Remote Unauthenticated File Read with Constraints; CVE-2016-8018: No Cross-Site Request Forgery Tokens; CVE-2016-8019: Cross Site Scripting; CVE-2016-8020:...
Recommended tool: Routerhunter, a router vulnerability scanner
0x00 Preface: We introduce a tool for automatically finding vulnerable routers. It can search the Internet at scale for routers that contain a vulnerability and then test them to confirm it; the vulnerabilities involve multiple D-Link routers. The tool is using...
PT-2001-1420 · Gnu · Gnuserv
Name of the Vulnerable Software and Affected Versions: gnuserv versions prior to 3.12 Description: The issue allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length, due to improper checking of the specified length ...