30 matches found
EUVD-2016-5471
Malware in sbrugna...
EUVD-2021-13954
Malware in sbrugna...
EUVD-2005-4760
Malware in sbrugna...
EUVD-2010-0023
Malware in sbrugna...
CVE-2025-58582
CVE-2025-58582 affects SICK Enterprise Analytics and SICK Logistic Analytics. The issue stems from logging POST login data without validation, allowing unusually large payloads to be recorded. This can lead to uncontrolled resource consumption and potential impact on availability, as indicated by...
EUVD-2022-39799
Malicious code in bioql PyPI...
CVE-2024-44762
A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers to enumerate valid user accounts...
CVE-2021-27188
The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a denial of service access suspended for five hours by making five invalid login attempts to a victim's account...
CVE-2020-15906
tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts...
CVE-2010-5291
Amberdms Billing System ABS before 1.4.1 does not properly implement blacklisting after detection of invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach...
CVE-2005-4767
BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 SP6 and earlier, when using username/password authentication, does not lock out a username after the maximum number of invalid login attempts, which makes it easier for remote attackers to guess the password...
CVE-2024-44762
A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers to enumerate valid user accounts...
Authentication flaw
The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Login attempts for valid, unlocked users configured to use PlexTrac as their authentication provider ta...
CVE-2022-37146
PlexTrac platforms prior to version 1.28.0 are affected by an authentication flaw allowing username enumeration. An unauthenticated attacker can distinguish between valid, unlocked PlexTrac users and invalid ones by measuring HTTP login response times, as valid unlocked accounts process requests ...
CVE-2021-27188
The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a denial of service access suspended for five hours by making five invalid login attempts to a victim's account...
CVE-2021-27188
The CVE-2021-27188 entry concerns the Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1. Impact is a denial of service: an attacker can trigger an access suspension of five hours by making five invalid login attempts. The root cause is not explicitly detailed in the available docume...
Tiki Authentication Bypass Vulnerability
Tiki is a suite of open source content management and portal applications from the Tiki community that can be used to create web applications, portals, corporate intranets, extranets, and more. An authentication bypass vulnerability exists in versions prior to Tiki 21.2, which stems from Tiki...
Default credentials
tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts...
CVE-2020-15906
CVE-2020-15906 affects Tiki Wiki CMS GroupWare before 21.2. The flaw in tiki-login.php allows an authentication bypass: after 50 invalid login attempts, the admin password is set to blank, permitting unauthenticated admin access. Remediation: upgrade to version 21.2 or later. CVSS 3.1 base score ...
PT-2020-14703 · Tiki · Tiki
Name of the Vulnerable Software and Affected Versions: Tiki versions prior to 21.2 Description: The issue allows an attacker to set the admin password to a blank value after a certain number of invalid login attempts. There have been reports of activities targeting this issue. Recommendations: Fo...