Lucene search
K

203 matches found

CVE
CVE
added 2021/11/12 8:45 p.m.105 views

CVE-2021-43332

CVE-2021-43332 affects GNU Mailman before 2.1.36. The CSRF token on Cgi/admindb.py admindb page contains an encrypted version of the list admin password, which could potentially be cracked by a moderator via offline brute-force. Documents correlate this with other Mailman issues (e.g., CVE-2021-4...

6.5CVSS6.4AI score0.01072EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2021/11/12 8:45 p.m.29 views

CVE-2021-43332

Removed by vendor...

6.5CVSS6.8AI score0.01072EPSS
Exploits0
CNVD
CNVD
added 2021/06/29 12:0 a.m.10 views

Weidmueller Industrial WLAN devices trust management issue vulnerability

Weidmueller Industrial WLAN devices is an industrial WIAN from Weidmueller, Germany. A trust management issue vulnerability exists in Weidmueller Industrial WLAN devices, which stems from the fact that the device operating system contains an undisclosed encrypted password that can be exploited by...

9CVSS6.9AI score0.00719EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/25 12:0 a.m.5 views

Weidmueller Industrial WLAN 信任管理问题漏洞

Weidmueller Industrial WLAN devices is an industrial WIAN from Weidmueller, Germany. A trust management issue vulnerability exists in Weidmueller Industrial WLAN devices, which stems from the fact that the device operating system contains an undisclosed encrypted password that can be exploited by...

9CVSS5.7AI score0.00719EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2020/11/24 9:2 p.m.31 views

Post Breach, Peatix Data Reportedly Found on Instagram, Telegram

Event-discovery application Peatix has disclosed a data breach, after ads for stolen user-account information were reportedly being circulated on Instagram and Telegram. In a data breach notice to affected users, Peatix said it learned on Nov. 9 that user account data had been improperly accessed...

Exploits0References7
CNVD
CNVD
added 2020/04/23 12:0 a.m.3 views

JetBrains TeamCity Information Disclosure Vulnerability (CNVD-2020-27793)

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A security vulnerability exists in JetBrains...

4.9CVSS7.1AI score0.00852EPSS
Exploits0References1
NVD
NVD
added 2020/01/30 2:15 p.m.19 views

CVE-2013-1351

Verax NMS prior to 2.10 allows authentication via the encrypted password without knowing the cleartext password...

5.9CVSS5.9AI score0.02008EPSS
Exploits3References3
Prion
Prion
added 2020/01/30 2:15 p.m.17 views

Design/Logic Flaw

Verax NMS prior to 2.10 allows authentication via the encrypted password without knowing the cleartext password...

4.3CVSS7.2AI score0.02008EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2020/01/30 1:20 p.m.22 views

CVE-2013-1351

Verax NMS prior to 2.10 allows authentication via the encrypted password without knowing the cleartext password...

6.3AI score0.02008EPSS
Exploits3References3
CVE
CVE
added 2020/01/30 1:20 p.m.54 views

CVE-2013-1351

CVE-2013-1351 affects all Verax NMS versions prior to 2.1.0. The vulnerability arises from a client-side RSA-based password encryption in the login flow (clientMain.swf) where private/public keys are hardcoded, allowing an attacker to capture and replay the encrypted password against the service....

5.9CVSS6.6AI score0.02008EPSS
Exploits3References3Affected Software1
Packet Storm
Packet Storm
added 2019/12/09 12:0 a.m.138 views

SpotAuditor 5.3.2 Local Buffer Overflow

Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Date: 2019-12-06 Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested...

Exploits0
Packet Storm
Packet Storm
added 2019/03/08 12:0 a.m.22 views

TeamCity Disabled Registration Bypass

var login = 'testuser'; //DD3/4D3D,D1/2 D?D3/4DNDD3/4D2DdegNDuDN var password = 'SuperMEgaPa$$'; //D?DdegND3/4DN var email = '[email protected]'; // email / Code / var b = BS.LoginForm; var publickey = $F"publicKey"; var encryptedpass = BS.Encrypt.encryptDatapassword, $F"publicKey";...

0.1AI score
Exploits0
NVD
NVD
added 2019/01/22 5:29 p.m.21 views

CVE-2018-6445

A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted not hashed password of the systems. The attacker could gain access to the Brocade Network Advisor System after...

7.5CVSS7.6AI score0.01671EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/12/20 5:0 p.m.20 views

CVE-2018-19233

COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file...

7.9AI score0.00592EPSS
Exploits1References4
0day.today
0day.today
added 2018/11/08 12:0 a.m.411 views

Cradlepoint Router Password Disclosure Vulnerability

Exploit for hardware platform in category web applications Cradlepoint Router Password Disclosure Many vulnerabilities in the built-in software of the Cradlepoint Router. 100000 such routers can be seen in the shodan https://www.shodan.io/search?query=cradlepointhttpservice. These vulnerabilities...

Exploits0
Prion
Prion
added 2018/11/07 6:29 p.m.15 views

Hardcoded credentials

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift password in some cases...

5CVSS7.7AI score0.01582EPSS
Exploits1References1Affected Software4
Kitploit
Kitploit
added 2018/09/23 9:9 p.m.107 views

Vboxdie-Cracker - VirtualBox Disk Image Encryption Password Cracker

Virtual Box Disk Image Encryption password cracker Requirements 1. PHP = 5.5.0 2. OpenSSL = 1.0.1 XTS support Algorithm description User password is stored using a combination of PBKDF2 and AES-XTS as following shown values are fixed at the moment, but they can be controlled inside the file forma...

7.4AI score
Exploits0References1
CNVD
CNVD
added 2018/07/02 12:0 a.m.2 views

Ivanti Avalanche Information Disclosure Vulnerability

Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A security vulnerability exists in Ivanti Avalanche versions 5.3 and 6.2. The vulnerability can be exploited by a...

7.8CVSS7.8AI score0.00661EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2018/06/11 9:0 p.m.64 views

CVE-2018-5152

WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For example, this allows for the interception of username and an encrypted password during login to Firef...

6.5CVSS8.3AI score0.01651EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2018/05/10 6:21 a.m.31 views

CVE-2018-5152

WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For example, this allows for the interception of username and an encrypted password during login to Firef...

6.5CVSS1.3AI score0.01651EPSS
Exploits0References2
Rows per page
Query Builder