CVE-2022-37109

patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when...

EUVD-2024-53501

Malicious code in bioql PyPI...

EUVD-2024-19667

Malicious code in bioql PyPI...

EUVD-2022-5080

Malicious code in bioql PyPI...

CVE-2024-57032

WeGIA 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application does not validate the value of the old password, so it is possible to change the password by placing any value in the senhaantiga field...

CVE-2012-4593

McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command...

CVE-2004-2555

Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography arithmetic and XOR operations to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recove...