Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Hacker One
Hacker Oneadded 2021/04/07 1:26 a.m.23 views

Nextcloud: Ratelimiting can be bypassed using IPv6 subnets

Nextcloud hardcodes IPv6 subnets to /128. End users get at least a /64 subnet more than the whole IPv4 address space!, most providers assign even larger subnets like /48. The subnet is used to block bruteforce attempts 3 and rate limiting 4. An attacker can easily generate random addresses from t...

5CVSS0.7AI score0.00491EPSS
Exploits0
NVD
NVDadded 2017/09/13 5:29 p.m.15 views

CVE-2017-14421

D-Link DIR-850L REV. B with firmware through FW208WWb02 devices have a hardcoded password of wrgac25dlink.2013guidir850l for the Alphanetworks account upon device reset, which allows remote attackers to obtain root access via a TELNET session...

10CVSS9.5AI score0.04942EPSS
Exploits1References1
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.1 views

Nagasaki Electronic Prefectural Office System authentication information vulnerability

Overview Nagasaki Prefectural Government has developed an open source electronic prefectural office system. The system hardcodes some credential information and a remote attacker could impersonate genuine users. Impact A remote attacker could impersonate genuine users. As a result, the attacker...

5CVSS6.7AI score
Exploits0References2
Rows per page
Query Builder