6 matches found
CVE-2025-54833
OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows attackers to bypass account-lockout and CAPTCHA protections. Unauthenticated remote attackers can more easily brute force passwords...
CVE-2025-54833
OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows attackers to bypass account-lockout and CAPTCHA protections. Unauthenticated remote attackers can more easily brute force passwords...
The vulnerability of the CI/CD system’s continuous integration and delivery capabilities in JetBrains TeamCity arises from the use of an algorithm that does not meet security requirements for hash functions. This allows attackers to circumvent existing security restrictions and gain unauthorized access to protected information.
The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of JetBrains TeamCity is related to the use of an algorithm that does not meet security requirements for the hash function. Exploiting this vulnerability can allow a malicious actor to bypass existing...
CVE-2024-0787
phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'getuserip' function in 'class.Common.php' at lines 1044 and 1045, where the presence of the...
CVE-2016-3648
Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering data into the authorization window...
FreeWebShop 2.2.9 R2 - Multiple Remote Vulnerabilities
source: https://www.securityfocus.com/bid/37513/info FreeWebshop is prone to multiple remote vulnerabilities: 1. A security vulnerability that may allow attackers to spoof HTTP headers. 2. A security vulnerability involving the handling of sessions. 3. A security vulnerability that may allow...