27 matches found
EUVD-2009-1038
Malware in sbrugna...
EUVD-2012-1094
Malware in sbrugna...
EUVD-2022-34371
Malicious code in bioql PyPI...
EUVD-2023-44430
Malicious code in bioql PyPI...
Drupal Open Social allows Functionality Misuse
The distribution didn't validate the flood control limits on the password reset form correctly resulting in a potential attacker flooding the password reset which could result in a Denial of Service. Fortunately the message does not disclose any information to the attacker...
Improper Control of Interaction Frequency
Overview: goalgorilla/opensocial is a distribution for building social communities and intranets. Affected versions of this package are vulnerable to Improper Control of Interaction Frequency due to incorrect validation of flood control limits on the password reset form. Remediation: Upgrade...
GHSA-63WG-87QV-RW4R Drupal Open Social allows Functionality Misuse
The distribution didn't validate the flood control limits on the password reset form correctly resulting in a potential attacker flooding the password reset which could result in a Denial of Service. Fortunately the message does not disclose any information to the attacker...
DRUPAL-CONTRIB-2024-038
Open Social is a Drupal distribution for online communities. The distribution didn't validate the flood control limits on the password reset form correctly resulting in a potential attacker flooding the password reset which could result in a Denial of Service. Fortunately the message does not...
Hitachi Energy RTU500 Stack-Based Buffer Overflow (CVE-2022-2081)
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to...
CVE-2022-2081
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to...
CVE-2022-2081
CVE-2022-2081 affects Hitachi Energy RTU500 CMU firmware via the HCI Modbus TCP function. A lack of flood control allows remote, high-rate Modbus TCP packets to cause a stack overflow and reboot the CMU when HCI Modbus TCP is enabled. Affected products span multiple RTU500 firmware lines (e.g., 1...
CVE-2022-2081
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to...
CVE-2022-2081
A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to...
DRUPAL-CONTRIB-2023-048
This module enables users to log in by email address with minimal configurations. Drupal core contains protection against brute force attacks via a flood control mechanism. This module's functionality did not replicate the flood control, enabling brute force attacks. A previous security advisory,...
Mail Login - Moderately critical - Access bypass - SA-CONTRIB-2023-048
This module enables users to log in by email address with minimal configurations. Drupal core contains protection against brute force attacks via a flood control mechanism. This module's functionality did not replicate the flood control, enabling brute force attacks. A previous security advisory,...
DRUPAL-CONTRIB-2023-045
This module enables users to log in by email address with minimal configurations. Drupal core contains protection against brute force attacks via a flood control mechanism. This module's functionality did not replicate the flood control, enabling brute force attacks...
PT-2022-4414 · Hitachi Energy · Rtu500
Name of the Vulnerable Software and Affected Versions: Hitachi Energy RTU500 (affected versions not specified). Description: The issue is related to a vulnerability in the HCI interface, functioning via the Modbus TCP protocol, which can cause a buffer overflow in memory. This can be...
netFORUM Authentication - Moderately critical - Access Bypass - SA-CONTRIB-2017-077
The netFORUM Authentication module implements external authentication for users against netFORUM. The module does not correctly use flood control making it susceptible to brute force attacks...
VK.com: Missing Server Side Rate Limiting can Lead to VK Account Take over
Insufficient flood control...
VK.com: SSRF via Share bots
Lack of flood control on Share bots...