44 matches found
CVE-2026-32295 JetKVM insufficient login rate limiting
JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess credentials...
CVE-2019-12564
In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames...
EUVD-2001-0944
Malware in sbrugna...
EUVD-2015-9188
Malware in sbrugna...
CVE-2025-48461
Successful exploitation of the vulnerability could allow an unauthenticated attacker to conduct brute force guessing and account takeover as the session cookies are predictable, potentially allowing the attackers to gain root, admin or user access and reset passwords...
CVE-2025-48461 Weak Session Cookie Entropy
Successful exploitation of the vulnerability could allow an unauthenticated attacker to conduct brute force guessing and account takeover as the session cookies are predictable, potentially allowing the attackers to gain root, admin or user access and reset passwords...
SUSE CVE-2007-3279
PostgreSQL 8.1 and probably later versions, when the PL/pgSQL plpgsql language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing...
CVE-2019-13166
Some Xerox printers such as the Phaser 3320 V53.006.16.000 did not implement account lockout. Local account credentials may be extracted from the device via brute force guessing attacks...
CVE-2019-13166
CVE-2019-13166 affects Xerox printers (example: Phaser 3320 with V53.006.16.000). The root issue is lack of account lockout, enabling brute-force attempts to extract local credentials from the device. Public sources in connected documents confirm this vulnerability scenario and affected class, bu...
CVE-2015-8851
node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing...
CVE-2015-8851
node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing...
Design/Logic Flaw
node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing...
CVE-2015-8851
node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing...
CVE-2015-8851
CVE-2015-8851 affects node-uuid before 1.4.4. The root cause is insufficient randomness in GUID generation (use of Math.random instead of a cryptographically secure source), which could enable attackers to guess GUIDs with unspecified impact. Affected: node-uuid (pre-1.4.4). Impact and exploitabi...
CVE-2015-8851
node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing...
CVE-2015-9348
The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs...
Design/Logic Flaw
The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs...
CVE-2015-9348
The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs...
Design/Logic Flaw
In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames...
CVE-2019-12564
In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames...