Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.12 views

CVE-2022-26314

A vulnerability has been identified in Mendix Forgot Password Appstore module All versions = V3.3.0 V3.5.1, Mendix Forgot Password Appstore module Mendix 7 compatible All versions V3.2.2. Initial passwords are generated in an insecure manner. This could allow an unauthenticated remote attacker to...

9.8CVSS6.9AI score0.01437EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.4 views

WBCE CMS 安全特征问题漏洞

WBCE CMS is a PHP and MySQL based open source content management system CMS from WBCE CMS Open Source. A security feature issue vulnerability exists in WBCE CMS version 1.6.4 and earlier, which stems from an insecure password generation function that could lead to password prediction or brute for...

9.8CVSS6.6AI score0.00444EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-5459

Malware in sbrugna...

7.5CVSS6.4AI score0.01839EPSS
Exploits1References7
Veracode
Veracode
added 2022/12/08 4:15 a.m.23 views

Information Disclosure

passeo is vulnerable to information disclosure. The vulnerability exists due to the use of insecure random password generation library used in the generate function of init.py, allowing an attacker to guess the password...

7.5CVSS7AI score0.00791EPSS
Exploits0References4Affected Software1
Typo3
Typo3
added 2016/03/10 12:0 a.m.98 views

Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)

It has been discovered that the extension "phpMyAdmin" phpmyadmin is susceptible to unsafe comparison of XSRF/CSRF token, multiple full path disclosure vulnerabilities, multiple XSS vulnerabilities, insecure password generation in JavaScript. Release Date: March 10, 2016 Component Type: Third par...

5CVSS0.2AI score0.02688EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/02/09 12:0 a.m.32 views

openSUSE Security Update : phpMyAdmin 4.4.15.4 (openSUSE-2016-168)

Security update to phpMyAdmin 4.4.15.4 The followinng vulnerabilities were fixed: boo964024 - CVE-2016-2038: Multiple full path disclosure vulnerabilities - CVE-2016-2039: Unsafe generation of XSRF/CSRF token - CVE-2016-2040: Multiple XSS vulnerabilities - CVE-2016-1927: Insecure password...

7.5CVSS6.2AI score0.02688EPSS
Exploits0References8
FreeBSD
FreeBSD
added 2016/01/28 12:0 a.m.29 views

phpmyadmin -- Insecure password generation in JavaScript

The phpMyAdmin development team reports: Password suggestion functionality uses Math.random which does not provide cryptographically secure random numbers. We consider this vulnerability to be non-critical...

7.5CVSS1.5AI score0.02688EPSS
Exploits0References1
exploitpack
exploitpack
added 2012/09/17 12:0 a.m.21 views

CoSoSys Endpoint Protector - Predictable Password Generation

CoSoSys Endpoint Protector - Predictable Password Generation source: https://www.securityfocus.com/bid/55570/info CoSoSys Endpoint Protector is prone to an insecure password generation vulnerability. Successfully exploiting this issue may allow an attacker to guess generated passwords and gain...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2012/09/17 12:0 a.m.39 views

CoSoSys Endpoint Protector - Predictable Password Generation

source: https://www.securityfocus.com/bid/55570/info CoSoSys Endpoint Protector is prone to an insecure password generation vulnerability. Successfully exploiting this issue may allow an attacker to guess generated passwords and gain access to affected appliances. CoSoSys Endpoint Protector 4 is...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2011/09/02 12:0 a.m.14 views

Dienstplan Predictable Random Password Generation Vulnerability

Dienstplan is prone to an insecure random password generation vulnerability. Successfully exploiting this issue may allow an attacker to guess randomly generated passwords. Versions prior to Dienstplan 2.3 are vulnerable. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be...

7.4AI score
Exploits0References3
Rows per page
Query Builder