Lucene search
K

43 matches found

RedHat Linux
RedHat Linux
added 2026/05/18 12:12 p.m.24 views

org.wildfly.core:wildfly-elytron-integration: Wildfly Elytron Brute Force Attack via CLI

A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...

8.1CVSS7.2AI score0.00817EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.7 views

PT-2026-31948

Name of the Vulnerable Software and Affected Versions Vikunja versions prior to 2.3.0 Description A flaw exists in Vikunja before version 2.3.0 related to the Time-based One-Time Password TOTP failed-attempt lockout mechanism. A database transaction handling bug prevents the account lockout from...

7.5CVSS5.8AI score0.00296EPSS
Exploits1References9
AlpineLinux
AlpineLinux
added 2026/03/30 9:43 p.m.1 views

CVE-2026-33995

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c can cause a crash in any FreeRDP clients on systems where...

5.3CVSS5.8AI score0.00282EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/27 2:12 p.m.3 views

CVE-2026-33758 OpenBao has Reflected XSS in its OIDC authentication error message

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao installations that have an OIDC/JWT authentication method enabled and a role with callbackmode=direct configured are vulnerable to XSS via the errordescription parameter on the page for a failed...

9.4CVSS5.8AI score0.00287EPSS
Exploits0References4
OSV
OSV
added 2026/03/26 6:37 p.m.1 views

GHSA-CPJ3-3R2F-XJ59 OpenBao has Reflected XSS in its OIDC authentication error message

Impact OpenBao installations that have an OIDC/JWT authentication method enabled and a role with callbackmode=direct configured are vulnerable to XSS via the errordescription parameter on the page for a failed authentication. This allows an attacker access to the token used in the Web UI by a...

9.4CVSS5.8AI score0.00287EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/19 10:7 p.m.1 views

CVE-2026-32041 OpenClaw < 2026.3.1 - Unauthenticated Browser Control Access via Failed Auth Bootstrap

OpenClaw versions prior to 2026.3.1 fail to properly handle authentication bootstrap errors during startup, allowing browser-control routes to remain accessible without authentication. Local processes or loopback-reachable SSRF paths can exploit this to access browser-control routes including...

7.5CVSS5.8AI score0.0011EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/18 12:30 a.m.4 views

EUVD-2026-12645

IBM i 7.6 could allow a remote attacker to cause a denial of service using failed authentication connections due to improper allocation of resources...

7.5CVSS5.8AI score0.00519EPSS
Exploits0References2
NVD
NVD
added 2026/03/17 10:16 p.m.3 views

CVE-2026-1376

IBM i 7.6 could allow a remote attacker to cause a denial of service using failed authentication connections due to improper allocation of resources...

7.5CVSS0.00519EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/17 9:53 p.m.9 views

CVE-2026-1376

IBM i 7.6 could allow a remote attacker to cause a denial of service using failed authentication connections due to improper allocation of resources...

7.5CVSS5.8AI score0.00519EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/17 9:53 p.m.1 views

CVE-2026-1376 IBM i Denial of Service

IBM i 7.6 could allow a remote attacker to cause a denial of service using failed authentication connections due to improper allocation of resources...

7.5CVSS5.8AI score0.00519EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/17 9:53 p.m.22 views

CVE-2026-1376 IBM i Denial of Service

IBM i 7.6 could allow a remote attacker to cause a denial of service using failed authentication connections due to improper allocation of resources...

7.5CVSS0.00519EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/17 12:0 a.m.8 views

IBM i 安全漏洞

IBM i is an operating system developed by the American International Business Machines IBM company, which runs on IBM Power Systems and IBM PureSystems. Version 7.6 of IBM i contains a security vulnerability. This vulnerability stems from improper resource allocation, and it could allow remote...

7.5CVSS5.8AI score0.00519EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.12 views

PT-2026-24723

Name of the Vulnerable Software and Affected Versions Lantronix EDS5000 version 2.1.0.0R3 Description The HTTP RPC module in Lantronix EDS5000 series devices contains a code injection flaw. When user authentication fails, the module executes a shell command to write logs, directly concatenating t...

9.8CVSS7AI score0.00889EPSS
Exploits1References39
ATTACKERKB
ATTACKERKB
added 2026/02/26 7:57 a.m.7 views

CVE-2026-1695

An XSS vulnerability affects the OAuth web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It might allow a remote attacker to trick a legitimate user into loading content from another site upon unsuccessful user...

6.1CVSS5.4AI score0.00207EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/12 5:39 p.m.3 views

GO-2026-4274 Gitea's /api/v1/user endpoint has different responses for failed authentication depending on whether a username exists in code.gitea.io/gitea

Gitea's /api/v1/user endpoint has different responses for failed authentication depending on whether a username exists in code.gitea.io/gitea...

5.3CVSS7.1AI score0.00356EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-6732

Malware in sbrugna...

5.3CVSS5.8AI score0.01276EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-3122

Malware in sbrugna...

5CVSS6.4AI score0.02144EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-8393

Malware in sbrugna...

4.6CVSS4.9AI score0.00315EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-1212

Malware in sbrugna...

7.5CVSS6.4AI score0.15481EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6713

Malicious code in bioql PyPI...

3.5CVSS6.6AI score0.00197EPSS
Exploits0References3
Rows per page
Query Builder