Lucene search
K

39 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-50341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - symfony/security-bundle is a module for the Symphony PHP framework which provides a tight integration of the Security component into the Symfony full-stack...

3.1CVSS6.8AI score0.00318EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:1 a.m.9 views

CVE-2023-46745

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions the login method has no rate limit. An attacker may be able to leverage this vulnerability to gain access to user account...

7.5CVSS6.8AI score0.00599EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/31 12:0 a.m.5 views

PT-2024-17911 · Unknown · Electronic Official Document Management System

Name of the Vulnerable Software and Affected Versions: Electronic Official Document Management System affected versions not specified Description: The Electronic Official Document Management System has an Authentication Bypass issue. Although the product enforces an IP whitelist for the API used ...

9.8CVSS7.3AI score0.01259EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/11/06 12:0 a.m.7 views

PT-2024-34151 · Symfony +2 · Symfony/Securitybundle +2

Name of the Vulnerable Software and Affected Versions: symfony/security-bundle versions prior to 6.4.10 symfony/security-bundle versions prior to 7.0.10 symfony/security-bundle versions prior to 7.1.3 Description: The custom user checker defined on a firewall is not called when logging in...

8.8CVSS6.5AI score0.63422EPSS
Exploits1References45
Tenable Nessus
Tenable Nessus
added 2024/07/29 12:0 a.m.19 views

Dahua Security Cameras Incorrect Default Permissions (CVE-2019-9682)

Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker c...

8.1CVSS7.1AI score0.0086EPSS
Exploits0References2
OSV
OSV
added 2024/07/19 6:15 p.m.5 views

CVE-2024-41600

Insecure Permissions vulnerability in lin-CMS Springboot v.0.2.1 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component...

7.5CVSS5.8AI score0.00445EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/19 12:0 a.m.8 views

PT-2024-29457 · Unknown · Lin-Cms Springboot

Name of the Vulnerable Software and Affected Versions: lin-CMS Springboot versions 0.2.1 and before Description: The issue allows a remote attacker to obtain sensitive information via the login method in the UserController.java component. Recommendations: For versions 0.2.1 and before, consider...

7.5CVSS6.8AI score0.00445EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/07/19 12:0 a.m.9 views

PT-2024-29458 · Lin-Cms · Lin-Cms

Name of the Vulnerable Software and Affected Versions: lin-CMS versions 0.2.0 and before Description: The issue allows a remote attacker to obtain sensitive information via the login method in the UserController.java component. Recommendations: For lin-CMS versions 0.2.0 and before, consider...

7.5CVSS6.8AI score0.00453EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2023/11/15 12:0 a.m.21 views

Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Adobe FrameMaker Publishing Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Login method. The issue results from improper implementation of th...

9.8CVSS7.4AI score0.01373EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/01/05 12:0 a.m.37 views

Advantech WebAccess BWSCADASoap Login Method SQL Injection Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Advantech WebAccess. The specific flaw exists within processing of the Login method of the BWSCADASoap entry point. When parsing the ProjectName and Username elements, the process does not properly...

6.8CVSS9.5AI score0.06009EPSS
Exploits4References1
Citrix
Citrix
added 2017/01/20 12:0 a.m.9 views

Published app does not launch when SSO is used. Desktops launch fine.

Using Receiver and Receiver for web, published app wont launch but a published desktop works fine. If user is local admin - it works If signing in with username/password on Receiver or Receiver for web - it works. Event generated on vda host: "non-brokered ica connection request denied because th...

7AI score
Exploits0
myhack58
myhack58
added 2013/07/24 12:0 a.m.19 views

SDCMS background to bypass directly into the,A not common design mistakes case study-vulnerability warning-the black bar safety net

Brief description: SDCMS background to bypass directly into the: test version 2. 0 beta2 other versions not tested Detailed description: Islogin //determine login method sub islogin if sdcms. strlenadminid=0 or sdcms. strlenadminname=0 then dim t0,t1,t2 t0=sdcms. getintsdcms. loadcookie"adminid",...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2013/02/28 12:0 a.m.17 views

Nmap NSE 6.01: pop3-brute

Tries to log into a POP3 account by guessing usernames and passwords. SYNTAX: userdb: The filename of an alternate username database. pop3loginmethod: The login method to use: ''USER'' default, ''SASL-PLAIN'', ''SASL-LOGIN'', ''SASL-CRAM-MD5'', or ''APOP''. unpwdb.passlimit: The maximum number of...

7.5AI score
Exploits0
OpenVAS
OpenVAS
added 2011/06/01 12:0 a.m.14 views

Nmap NSE net: pop3-brute

Tries to log into a POP3 account by guessing usernames and passwords. SYNTAX: userdb: The filename of an alternate username database. pop3loginmethod: The login method to use: ''USER'' default, ''SASL-PLAIN'', ''SASL-LOGIN'', ''SASL-CRAM-MD5'', or ''APOP''. unpwdb.passlimit: The maximum number of...

7.5AI score
Exploits0
Prion
Prion
added 2011/02/03 4:0 p.m.13 views

Default configuration

The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method...

10CVSS7.2AI score0.13988EPSS
Exploits4References8Affected Software3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.8 views

Cybozu Office 6 information disclosure vulnerability

Overview A vulnerability exists in Cybozu Office 6 allowing the disclosure of registered users or groups information. Cybozu Office 6 provides several login methods. One of the methods, meant to be used in the Internet, allows direct entry of a username. However, even when this method is used,...

5CVSS6.4AI score0.01316EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/09/18 10:0 p.m.18 views

CVE-2007-4961

The logintosimulator method in Linden Lab Second Life, as used by the secondlife:// protocol handler and possibly other Second Life login mechanisms, sends an MD5 hash in cleartext in the passwd field, which allows remote attackers to login to an account by sniffing the network and then sending...

7.7AI score0.01266EPSS
Exploits1References2
myhack58
myhack58
added 2005/11/08 12:0 a.m.31 views

MSN Messenger8. 0 login method decrypt-vulnerability warning-the black bar safety net

Earlier, Microsoft had announced will be on MSN Messenger to make some changes, upgrade to Windows Live Messenger 8.0, and will demo some of the new features. The new version of the picture already from Bill Gates earlier demo version leaked to the Internet. Today we've got MSN Live Messenger8. 0...

3.1AI score
Exploits0
securityvulns
securityvulns
added 2000/04/07 12:0 a.m.55 views

Re: IMAIL (Ipswitch) DoS with Eudora (Qualcomm)

I'm the lead developer for Windows Eudora here at Qualcomm, and I've been the one who has investigated these issues of SMTP authentication with IPSwitch's IMail server. Here's some details that may be helpful for IMail users: The problem is with IMail SMTP server versions 6.02 and below. When the...

Exploits0
Rows per page
Query Builder