Lucene search
+L

319 matches found

Packet Storm News
Packet Storm News
added 2025/07/17 12:0 a.m.6 views

Enterprise Security Incident Analysis and Countermeasures Based on the T-Mobile Data Breach

This paper presents a comprehensive analysis of T-Mobile's critical data breaches in 2021 and 2023, alongside a full-spectrum security audit targeting its systems, infrastructure, and publicly exposed endpoints. By combining case-based vulnerability assessments with active ethical hacking...

7.1AI score
Exploits0
GithubExploit
GithubExploit
added 2025/07/09 11:34 p.m.267 views

Exploit for Uncontrolled Resource Consumption in Oracle Mysql_Cluster

CVE-2025-21574-Exploit Key Features of this Black-Box Exploi...

6.5CVSS7.3AI score0.00975EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 10:18 a.m.8 views

CVE-2024-28825

Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 beta, 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 EOL facilitates password brute-forcing...

9.8CVSS7.3AI score0.00521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:41 a.m.17 views

CVE-2024-28833

Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms...

7.5CVSS7.1AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:15 a.m.8 views

CVE-2024-49358

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoint http:///v1/users/login in ZimaOS returns distinct responses based on whether a username exists or the password is incorrect. This behavior can b...

5.3CVSS6.8AI score0.00463EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:27 p.m.6 views

CVE-2021-25839

A weak password requirement vulnerability exists in the Create New User function of MintHCM RELEASE 3.0.8, which could lead an attacker to easier password brute-forcing...

9.8CVSS7AI score0.01183EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:42 a.m.11 views

CVE-2019-5263

HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305MAC and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting th...

5.5CVSS6.9AI score0.00307EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/04/21 7:1 a.m.54 views

Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery

Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity, detected since January 8, 2025, targeted organization...

9.8CVSS8.2AI score0.98417EPSS
Exploits31
Rapid7 Blog
Rapid7 Blog
added 2025/04/10 1:0 p.m.6 views

Password Spray Attacks Taking Advantage of Lax MFA

In the first quarter of 2025, Rapid7’s Managed Threat Hunting team observed a significant volume of brute-force password attempts leveraging FastHTTP, a high-performance HTTP server and client library for Go, to automate unauthorized logins via HTTP requests. This rapid volume of credential...

6.8AI score
Exploits0
NVD
NVD
added 2025/03/20 2:15 p.m.12 views

CVE-2025-1496

Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse. This issue affects Coslat Hotspot: before 6.26.0.R.20250227...

6.5CVSS0.00318EPSS
Exploits0References3
CVE
CVE
added 2025/03/20 1:30 p.m.60 views

CVE-2025-1496

The CVE-2025-1496 entry concerns BG-TEK Coslat Hotspot with an improper restriction of excessive authentication attempts, enabling password brute forcing and authentication abuse. Affected product: Coslat Hotspot before version 6.26.0.R.20250227. Root cause described as insufficient protection ag...

6.5CVSS5.4AI score0.00318EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/20 1:30 p.m.19 views

CVE-2025-1496 Improper Authentication in BG-TEK's Coslat Hotspot

Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse. This issue affects Coslat Hotspot: before 6.26.0.R.20250227...

6.5CVSS0.00318EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/20 1:30 p.m.12 views

CVE-2025-1496 Improper Authentication in BG-TEK's Coslat Hotspot

Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse. This issue affects Coslat Hotspot: before 6.26.0.R.20250227...

6.5CVSS5.4AI score0.00318EPSS
Exploits0References3
NVD
NVD
added 2025/03/19 4:15 p.m.6 views

CVE-2025-26486

Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to bruteforce user password...

6CVSS0.00113EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/20 8:26 p.m.9 views

CVE-2025-22645

Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows Password Brute Forcing.This issue affects Real Estate Manager: from n/a through = 7.3...

5.3CVSS7.2AI score0.00324EPSS
Exploits0References1
NVD
NVD
added 2025/02/18 8:15 p.m.10 views

CVE-2025-22645

Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows Password Brute Forcing.This issue affects Real Estate Manager: from n/a through = 7.3...

5.3CVSS0.00324EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/18 7:54 p.m.21 views

CVE-2025-22645 WordPress Real Estate Manager plugin <= 7.3 - Captcha Bypass Vulnerability vulnerability

Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows Password Brute Forcing.This issue affects Real Estate Manager: from n/a through = 7.3...

5.3CVSS0.00324EPSS
Exploits0References1
CVE
CVE
added 2025/02/18 7:54 p.m.67 views

CVE-2025-22645

CVE-2025-22645 concerns the WordPress Real Estate Manager plugin (versions up to 7.3). The issue is described as Improper Restriction of Excessive Authentication Attempts, effectively enabling password brute-forcing. The vulnerability is tied to insufficient controls around authentication attempt...

5.3CVSS7.2AI score0.00324EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/18 7:54 p.m.11 views

CVE-2025-22645 WordPress Real Estate Manager plugin <= 7.3 - Captcha Bypass Vulnerability vulnerability

Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows Password Brute Forcing.This issue affects Real Estate Manager: from n/a through = 7.3...

5.3CVSS8.6AI score0.00324EPSS
Exploits0References1
NVD
NVD
added 2024/12/15 11:15 a.m.35 views

CVE-2024-7701

Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona-toolkit allows Encryption Brute Forcing.This issue affects percona-toolkit: 3.6.0...

7.5CVSS0.00204EPSS
Exploits0References1
Rows per page
Query Builder