Lucene search
+L

319 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.161 views

SAP Management Console Brute Force

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console Brute Force', 'Description' = %q This module simply attempts to brute force the username and password for the SAP Manageme...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.263 views

DNS Record Scanner and Enumerator

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DNS Record Scanner and Enumerator', 'Description' = %q This module can be used to gather information about a domain from a given DNS server by...

7AI score0.68535EPSS
Exploits7
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.190 views

Apple TV Video Remote Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Apple TV Video Remote Control', 'Description' = %q This module plays a video on an AppleTV device. Note that AppleTV can be somewha...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/15 5:12 a.m.31 views

New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining

Cybersecurity researchers have discovered a new variant of the Gafgyt botnet that's targeting machines with weak SSH passwords to ultimately mine cryptocurrency on compromised instances using their GPU computational power. This indicates that the "IoT botnet is targeting more robust servers runni...

7.8AI score
Exploits0
NVD
NVD
added 2024/08/02 8:17 p.m.16 views

CVE-2024-38888

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts...

6.8CVSS0.00189EPSS
Exploits0References2
CVE
CVE
added 2024/08/02 12:0 a.m.44 views

CVE-2024-38888

CVE-2024-38888 affects Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405, where a flaw in restricting excessive authentication attempts enables a local attacker to perform a password brute force. The linked data records a CVSS v3.1 base score of 6.8 (Medium): Attac...

6.8CVSS7AI score0.00189EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/02 12:0 a.m.15 views

CVE-2024-38888

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts...

7.2AI score0.00189EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/08/02 12:0 a.m.22 views

CVE-2024-38888

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts...

0.00189EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/01 4:55 p.m.32 views

CVE-2024-23600 PingIDM Query Filter Vulnerability

Improper Input Validation of query search results for private field data in PingIDM Query Filter module allows for a potentially efficient brute forcing approach leading to information disclosure...

2.7CVSS3.4AI score0.00671EPSS
Exploits1References2
CVE
CVE
added 2024/08/01 4:55 p.m.72 views

CVE-2024-23600

CVE-2024-23600 concerns Ping Identity PingIDM (Query Filter module). Public details describe improper input validation of query search results for private field data, enabling a potentially more efficient brute-force approach that can lead to information disclosure. Connected sources corroborate ...

2.7CVSS3.4AI score0.00671EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/08/01 12:0 a.m.9 views

PT-2024-19957 · Ping Identity · Pingidm

Name of the Vulnerable Software and Affected Versions: PingIDM affected versions not specified Description: The issue is related to improper input validation of query search results for private field data in the Query Filter module of PingIDM. This allows for a potentially efficient brute forcing...

2.7CVSS6.7AI score0.00671EPSS
Exploits1References11
Securelist
Securelist
added 2024/06/18 11:30 a.m.24 views

Analysis of user password strength

The processing power of computers keeps growing, helping users to solve increasingly complex problems faster. A side effect is that passwords that were impossible to guess just a few years ago can be cracked by hackers within mere seconds in 2024. For example, the RTX 4090 GPU is capable of...

6.9AI score
Exploits0
NVD
NVD
added 2024/06/10 12:15 p.m.35 views

CVE-2024-28833

Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms...

7.5CVSS0.00392EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/06/10 12:15 p.m.41 views

CVE-2024-28833

Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms...

7.5CVSS5.8AI score0.00392EPSS
Exploits0References2
CVE
CVE
added 2024/06/10 11:55 a.m.69 views

CVE-2024-28833

CVE-2024-28833 affects Checkmk 2.3 prior to 2.3.0p6, where excessive authentication attempts for two-factor authentication are not properly restricted, enabling brute-forcing of second factor mechanisms. The vulnerability is tied to the authentication flow and could impact confidentiality due to ...

7.5CVSS6.4AI score0.00392EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/06/10 11:55 a.m.10 views

CVE-2024-28833 Missing brute-force protection for two factor authentication

Improper restriction of excessive authentication attempts with two factor authentication methods in Checkmk 2.3 before 2.3.0p6 facilitates brute-forcing of second factor mechanisms...

5.9CVSS5.9AI score0.00392EPSS
Exploits0References3
NVD
NVD
added 2024/04/24 12:15 p.m.17 views

CVE-2024-28825

Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 beta, 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 EOL facilitates password brute-forcing...

9.8CVSS6AI score0.00521EPSS
Exploits0References1
OSV
OSV
added 2024/04/24 12:15 p.m.27 views

UBUNTU-CVE-2024-28825

Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 beta, 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 EOL facilitates password brute-forcing...

9.8CVSS5.8AI score0.00521EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/24 11:25 a.m.23 views

CVE-2024-28825 Brute-force protection ineffective for some login methods

Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 beta, 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 EOL facilitates password brute-forcing...

5.9CVSS6.2AI score0.00521EPSS
Exploits0References1
CVE
CVE
added 2024/04/24 11:25 a.m.76 views

CVE-2024-28825

CVE-2024-28825 affects Checkmk installations where login attempts are not adequately limited. The vulnerability exists in multiple Checkmk branches prior to fixes: 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and (EOL) 2.0.0. Root cause: insufficient restriction on excessive authentication attempts for ce...

9.8CVSS7.2AI score0.00521EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder