Authentication Bypass

ajenti.plugin.core is vulnerable to Authentication Bypass. The vulnerability is due to improper enforcement of password authentication when 2FA is enabled, which allows an attacker to bypass login controls and gain unauthorized access...

Devolutions Remote Desktop Manager 安全漏洞

Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2023.1.22 and prior versions, which stems from improper access control of the Web login...

CVE-2021-3412

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks...

CVE-2021-3412

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks...

Design/Logic Flaw

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks...

CVE-2021-3412

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks...

CVE-2021-3412

CVE-2021-3412 affects the 3Scale developer portal, with the root cause being missing brute-force protections in all portal versions. The vulnerability could allow an attacker to bypass login controls and access privileged information, potentially enabling further attacks. Exploitation details are...

CVE-2021-3412

A flaw was found in the 3scale developer portal, where it lacked brute force protections. This flaw allows an attacker to use this gap to bypass login controls and access privileged information, or possibly conduct further attacks. The highest threat from this vulnerability is to confidentiality,...

Cisco Prime Collaboration Provisioning Tool Denial of Service Vulnerability

Cisco Prime Collaboration Provisioning Tool is a set of Web-based next-generation communication service tools from Cisco. The tool provides IP communication service features for IP telephony, voicemail and unified communications environments. web portal is one of the web portal. A denial of servi...

Design/Logic Flaw

A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service DoS condition for individual users. The vulnerability is due to weak login controls. An attacker could exploit this vulnerability by...

CVE-2018-0204

A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service DoS condition for individual users. The vulnerability is due to weak login controls. An attacker could exploit this vulnerability by...

CVE-2018-0204

CVE-2018-0204 affects the Cisco Prime Collaboration Provisioning Tool web portal. The root cause is weak login controls, enabling an unauthenticated, remote attacker to perform brute-force login attempts that can restrict user access and cause a DoS condition for individual users. The impact is r...

CVE-2018-0204

A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service DoS condition for individual users. The vulnerability is due to weak login controls. An attacker could exploit this vulnerability by...

Cisco Prime Collaboration Provisioning Tool Web Portal Repeated Bad Login Attempts Denial of Service Vulnerability

A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service DoS condition for individual users. The vulnerability is due to weak login controls. An attacker could exploit this vulnerability by...

Facebook Enhances Privacy Settings with Anonymous Login

Anonymous is the new black for Facebook. The social network announced a number of changes to how users interact with third-party apps via Facebook logins, the most interesting being a service called Anonymous Login. Facebook chief executive officer Mark Zuckerberg told developers at the company’s...