CVE-2023-40660

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock a...

FakeLogonScreen - Fake Windows Logon Screen To Steal Passwords

FakeLogonScreen is a utility to fake the Windows logon screen in order to obtain the user's password. The password entered is validated against the Active Directory or local machine to make sure it is correct and is then displayed to the console or saved to disk. It can either be executed by simp...

CVE-2021-34546

An unauthenticated attacker with physical access to a computer with NetSetMan Pro before 5.0 installed, that has the pre-logon profile switch button within the Windows logon screen enabled, is able to drop to an administrative shell and execute arbitrary commands as SYSTEM via the "save log to...

Design/Logic Flaw

An unauthenticated attacker with physical access to a computer with NetSetMan Pro before 5.0 installed, that has the pre-logon profile switch button within the Windows logon screen enabled, is able to drop to an administrative shell and execute arbitrary commands as SYSTEM via the "save log to...

CVE-2019-12889

An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must...

CVE-2019-12889

An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must...

Microsoft Windows: Do not display network selection UI

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winnetworkselectionui.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Do not display network selection UI Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This progra...

tso-enum NSE Script

TSO User ID enumerator for IBM mainframes z/OS. The TSO logon panel tells you when a user ID is valid or invalid with the message: IKJ56420I Userid not authorized to use TSO. The TSO logon process can work in two ways: 1 You get prompted with IKJ56700A ENTER USERID - to which you reply with the...

RDP Screenshot

Binary data rdplogonscreen.nbin...

When you open the nworks Web UI in a browser, you see a blank screen.

When you open the nworks Web UI in a browser, you see a blank screen instead of the logon screen/management screen. You may also see a Java exception stating that you need to add the site to the Trusted Sites zone...

CVE-2005-1250

SQL injection vulnerability in the logon screen of the web front end NmConsole/Login.asp for IpSwitch WhatsUp Professional 2005 SP1 allows remote attackers to execute arbitrary SQL commands via the 1 User Name field sUserName parameter or 2 Password sPassword parameter...

CVE-2003-0874

Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier allow remote attackers to insert arbitrary SQL and conduct unauthorized activities via 1 the cat parameter in faq.php, 2 the article parameter in faq.php, 3 the tickedid parameter in view.php, and 4 the Password entry on the logo...

Microsoft Windows SMB Registry : Classic Logon Screen

The registry key HKLM\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\LogonType is set to 1. It means that users who attempt to log in locally will see get the 'new' WindowsXP logon screen which displays the list of users of the remote host. C Tenable Network Security, Inc...