1554 matches found
Vulnerability in the Server: Data Dictionary component of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.
The vulnerability in the Server: Data Dictionary component of the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to cause service interruptions using the MySQL protocol...
egyptianarabicdictionary.com Cross Site Scripting vulnerability OBB-3386548
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-2060
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access the module via FTP by dictionary attack or passwo...
Default credentials
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access the module via FTP by dictionary attack or passwo...
CVE-2023-2060 Authentication bypass vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access the module via FTP by dictionary attack or passwo...
CVE-2023-2060
CVE-2023-2060 affects Mitsubishi Electric MELSEC iQ-R Series RJ71EIP91 and iQ-F FX5-ENET/IP Ethernet/IP modules. The flaw is an authentication bypass via FTP caused by weak password requirements, enabling remote, unauthenticated access through dictionary attacks or password sniffing. Public discl...
CVE-2023-29736
Keyboard Themes 1.275.1.164 for Android contains a dictionary traversal vulnerability that allows unauthorized apps to overwrite arbitrary files in its internal storage and achieve arbitrary code execution...
CVE-2023-29736
Keyboard Themes 1.275.1.164 for Android contains a dictionary traversal vulnerability that allows unauthorized apps to overwrite arbitrary files in its internal storage and achieve arbitrary code execution...
PT-2023-22387 · Unknown · Keyboard Themes
Name of the Vulnerable Software and Affected Versions: Keyboard Themes version 1.275.1.164 Description: The issue allows unauthorized apps to overwrite arbitrary files in the internal storage of Keyboard Themes and achieve arbitrary code execution due to a dictionary traversal vulnerability...
Timmystudios Fast Typing Keyboard Path Traversal Vulnerability
Timmystudios Fast Typing Keyboard is an Android app keyboard by Timmystudios. A security vulnerability exists in Timmystudios Fast Typing Keyboard Themes version 1.275.1.164, which stems from the presence of a dictionary traversal vulnerability that could allow an unauthorized application to...
CVE-2023-29736
CVE-2023-29736 affects Keyboard Themes for Android, version 1.275.1.164. A dictionary traversal vulnerability allows unauthorized apps to overwrite arbitrary files in internal storage and achieve arbitrary code execution. Multiple sources summarize impacts to confidentiality, integrity, and avail...
Brute-Forcing a Fingerprint Reader
It's neither hard nor expensive: Unlike password authentication, which requires a direct match between what is inputted and what's stored in a database, fingerprint authentication determines a match using a reference threshold. As a result, a successful fingerprint brute-force attack requires only...
Oracle Linux 8 : freeradius:3.0 (ELSA-2023-2870)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2870 advisory. 3.0.20-14 - Fix defect found by Covscan Resolves: 2151704 3.0.20-13 - Fix multiple CVEs - Add rpminspect configuration Resolves: 2151702 Resolves:...
SUSE CVE-2023-32251
A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...
Cbrutekrag - Penetration Tests On SSH Servers Using Brute Force Or Dictionary Attacks. Written In C
Penetration tests on SSH servers using dictionary attacks. Written in C. "brute krag" means "brute force" in Afrikaans. Disclaimer: This tool is for ethical testing purposes only. cbrutekrag and its owners can't be held responsible for misuse by users. Users have to act as permitted by local law rules...
freeradius: Information leakage in EAP-PWD
In freeradius, the EAP-PWD function compute_password_element leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...
Debian dla-3424 : pypy-ipaddress - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3424 advisory. Debian LTS Advisory DLA-3424-1 https://www.debian.org/lts/security/...
AlmaLinux 9 : freeradius (ALSA-2023:2166)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2166 advisory. - In freeradius, the EAP-PWD function compute_password_element leaks information about the password which allows an attacker to substantially reduce the siz...
freeradius: Crash on unknown option in EAP-SIM
In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash...
freeradius: Information leakage in EAP-PWD
In freeradius, the EAP-PWD function compute_password_element leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...