15 matches found
CVE-2025-40807
A vulnerability has been identified in Gridscale X Prepay All versions V4.2.1. The affected application is vulnerable to capture-replay of authentication tokens. This could allow an authenticated but already locked-out user to establish still valid user sessions...
EUVD-2025-201926
A vulnerability has been identified in Gridscale X Prepay All versions V4.2.1. The affected application is vulnerable to capture-replay of authentication tokens. This could allow an authenticated but already locked-out user to establish still valid user sessions...
CVE-2025-40807
Gridscale X Prepay (Siemens) is affected by CVE-2025-40807 in all versions
CVE-2025-40807
A vulnerability has been identified in Gridscale X Prepay All versions V4.2.1. The affected application is vulnerable to capture-replay of authentication tokens. This could allow an authenticated but already locked-out user to establish still valid user sessions...
PT-2025-49835
A vulnerability has been identified in Gridscale X Prepay All versions V4.2.1. The affected application is vulnerable to capture-replay of authentication tokens. This could allow an authenticated but already locked-out user to establish still valid user sessions...
GSD-2022-1000008 faker.js 6.6.6 is broken and the developer has wiped the original GitHub repo
faker.js had its version updated to 6.6.6 in NPM which reports it as having 2,571 dependent packages that rely upon it and the GitHub repo has been wiped of content. This appears to have been done intentionally as the repo only has a single commit so it was likely deleted, recreated and a singl...
Hotel claims Conti ransomware attack on system as guests locked out
By Deeba Ahmed. So far, the Conti ransomware has not demanded any ransom or published any details of the ransomware attack. This is a post from HackRead.com. Read the original post: Hotel claims Conti ransomware attack on system as guests locked out...
CVE-2019-9708
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. A site administrator can suspend the system user root, causing all users to be locked out from the system...
CVE-2019-9708
An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. A site administrator can suspend the system user root, causing all users to be locked out from the system...
Mozilla Firefox < 55 - Denial of Service Exploit
Exploit for multiple platform in category dos / poc Exploit Title: Mozilla Firefox Firefox Lockout Vulnerability"; //Content to be forcibly viewed echo ""; //End echo "setTimeout"location.href ='".$location."';",10000;"; ? Solution: Update to version 55...
Mozilla Firefox < 55 - Denial of Service
Exploit Title: Mozilla Firefox Firefox Lockout Vulnerability"; //Content to be forcibly viewed echo ""; //End echo "setTimeout"location.href ='".$location."';",10000;"; ? Solution: Update to version 55 https://www.mozilla.org/en-US/firefox/55.0/releasenotes/ Mozilla Foundation Security Advisory:...
CVE-2017-10604 Junos OS: SRX Series: Cluster configuration sync failures occur if the root user account is locked out
When the device is configured to perform account lockout with a defined period of time, any unauthenticated user attempting to log in as root with an incorrect password can trigger a lockout of the root account. When an SRX Series device is in cluster mode, and a cluster sync or failover operatio...
Users get multiple OTP Push Notifications, Radius servers see multiple Auth requests & Auth Failures
Users will receive authentication denials, may receive multiple Push Notifications, Radius servers will log multiple simultaneous authentication requests for the same user with different Radius IDs, or user One Time Password tokens will become locked out. If you review traces, you will see multip...
FreeBSD : rssh -- configuration restrictions bypass (a4598875-ec91-11e1-8bd8-0022156e8794)
Derek Martin (rssh maintainer) reports: John Barber reported a problem where, if the system administrator misconfigures rssh by providing too few access bits in the configuration file, the user will be given default permissions (scp) to the entire system, potentially circumventing any configured...
[Full-disclosure] Cisco Security Advisory: Unintentional Password Modification in Cisco Firewall Products
Cisco Security Advisory: Unintentional Password Modification in Cisco Firewall Products Document ID: 70811 Advisory ID: cisco-sa-20060823-firewall http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml Revision 1.0 For Public Release 20...