1555 matches found
CVE-2019-8662
This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary...
Internet Bug Bounty: Dragonblood: Design and Implementation Flaws in WPA3 and EAP-pwd
Full background information is at our website and detailed information can be found in our research paper. Vulnerability Summary First Disclosure Summarized, the Dragonfly handshake of WPA3 and EAP-pwd is supposed to prevent dictionary attacks. However, we discovered design flaws that still enabl...
CVE-2010-3440
babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files...
CVE-2010-3440
CVE-2010-3440 affects Babiloo, specifically version 2.0.9 prior to 2.0.11. The flaw arises when downloading and unpacking dictionary files: the program creates temporary files with predictable names, enabling a local attacker to overwrite arbitrary files on the host. Impact is local, with potenti...
DEBIAN-CVE-2019-14833
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...
ALPINE-CVE-2019-14833
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...
CVE-2019-14833
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...
Default credentials
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...
CVE-2019-14833
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...
CVE-2019-14833
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...
CVE-2019-14833
CVE-2019-14833 affects Samba, specifically the AD DC password handling where a custom script for password complexity may fail to verify non‑ASCII passwords, potentially allowing weak passwords and dictionary attacks. Affected releases include Samba 4.5.0 up to but not including 4.9.15, and also 4...
Memory corruption vulnerability in python dict objects
Python is a cross-platform computer programming language. A memory corruption vulnerability exists in python dict objects, which can be exploited by an attacker to cause a denial of service on a server...
CVE-2019-14833
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...
UBUNTU-CVE-2019-14833
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for passwo...
D-Link DAP-1320 Authorization Issues Vulnerability
The D-Link DAP-1320 is a wireless signal extender from AUO D-Link of Taiwan, China. A security vulnerability exists in the D-Link DAP-1320 A2-V1.21 version, which originates from some web interfaces that do not require authentication. An attacker could obtain the user's Wi-Fi SSID and password to...
CVE-2019-12941
AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device. The default WiFi password and WiFi SSID are derived from the same hash function output input i...
CVE-2019-12941
AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device. The default WiFi password and WiFi SSID are derived from the same hash function output input i...
CVE-2019-12941
Summary : CVE-2019-12941 affects AutoPi Wi‑Fi/NB and AutoPi 4G/LTE devices prior to 2019-10-15. The default WiFi password and WiFi SSID are derived from the same hash function output using an 8‑character input, enabling an attacker to perform brute‑force or dictionary attacks to gain access to th...
Authentication flaw
D-Link DAP-1320 A2-V1.21 routers have some web interfaces without authentication requirements, as demonstrated by uplinkinfo.xml. An attacker can remotely obtain a user's Wi-Fi SSID and password, which could be used to connect to Wi-Fi or perform a dictionary attack...
CVE-2019-17505
D-Link DAP-1320 A2-V1.21 routers have some web interfaces without authentication requirements, as demonstrated by uplinkinfo.xml. An attacker can remotely obtain a user's Wi-Fi SSID and password, which could be used to connect to Wi-Fi or perform a dictionary attack...