Lucene search
K

34 matches found

OSV
OSV
added 2024/01/12 3:13 p.m.15 views

GHSA-CHCR-X7HC-8FP8 Devise-Two-Factor vulnerable to brute force attacks

Advisory withdrawn The backing CVE has been rejected Devise-Two-Factor does not throttle or otherwise restrict login attempts at the server by default. When combined with the Time-based One Time Password algorithm's TOTP inherent entropy limitations, it's possible for an attacker to bypass the 2F...

5CVSS8.3AI score
Exploits0References4
RubySec
RubySec
added 2024/01/11 9:0 p.m.53 views

Devise-Two-Factor vulnerable to brute force attacks

Devise-Two-Factor does not throttle or otherwise restrict login attempts at the server by default. When combined with the Time-based One Time Password algorithm's TOTP inherent entropy limitations, it's possible for an attacker to bypass the 2FA mechanism through brute-force attacks. Impact If a...

7.7AI score
Exploits0References1Affected Software1
NVD
NVD
added 2022/08/30 4:15 p.m.23 views

CVE-2022-37176

Tenda AC6AC1200 v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard...

9.8CVSS0.00773EPSS
Exploits0References1
Prion
Prion
added 2022/08/30 4:15 p.m.14 views

Input validation

Tenda AC6AC1200 v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard...

7.5CVSS9.2AI score0.00773EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/08/30 3:7 p.m.70 views

CVE-2022-37176

CVE-2022-37176 affects Tenda AC6 (AC1200) with v5.0 firmware

9.8CVSS9.2AI score0.00773EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/08/30 12:0 a.m.5 views

Tenda AC6 安全漏洞

Tenda AC6 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC6 AC1200 v5.0 Firmware version v02.03.01.114 and prior versions. An attacker can exploit this vulnerability by removing the Wi-Fi password and forcing the device into open security mode via a specially...

9.8CVSS7.1AI score0.00773EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/01/21 11:20 p.m.25 views

Improper Access Control in Onionshare

Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. This is an issue from that penetration test. - Vulnerability ID: OTF-004 - Vulnerability type: Improper Access Control - Threa...

4.3CVSS0.4AI score0.00673EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/21 11:20 p.m.30 views

Improper Access Control in Onionshare

Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. This is an issue from that penetration test. - Vulnerability ID: OTF-009 - Vulnerability type: Improper Access Control - Threa...

5.3CVSS1.1AI score0.00849EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/21 11:20 p.m.28 views

Username spoofing in OnionShare

Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. This is an issue from that penetration test. - Vulnerability ID: OTF-005 - Vulnerability type: Improper Input Sanitization -...

4.3CVSS0.6AI score0.00708EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2017/06/13 6:0 a.m.46 views

CVE-2017-4975

P CVE-2017-4975 affects Pivotal PCF Tile Generator (versions

7.5CVSS7.4AI score0.00818EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.37 views

xine 0.99.2 - Remote Stack Overflow Exploit

No description provided by source. / $ An open security advisory 6 - Xine vcd MRL input identifier management overflow 1: Bug Researcher: c0ntexatopen-security.org 2: Bug Released: July 28th 2004 3: Bug Impact Rate: Medium / Hi 4: Bug Scope Rate: Remote / Local $ This advisory and/or proof of...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/08/27 12:0 a.m.19 views

VMware 5.5.1 (ActiveX) Local Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ==================================================== VMware 5.5.1 ActiveX Local Buffer Overflow Exploit ==================================================== / $ An open security advisory 17 - VMWare ActiveX lame local overflow 1: Bug...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2005/08/22 12:0 a.m.24 views

Elm < 2.5.8 (Expires Header) Remote Buffer Overflow Exploit

No description provided by source. / Exploit code for the bug posted by Ulf Harnhammar metaurtelia.com http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html Probably you will need to change SYSLOC and STRLOC to work on your box / include stdio.h include stdlib.h include string.h...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/08/05 12:0 a.m.41 views

Lantronix Secure Console Server (edituser) Local Root Exploit

Exploit for unknown platform in category local exploits ============================================================= Lantronix Secure Console Server edituser Local Root Exploit ============================================================= !/bin/sh Lantronix Secure Console Server edituser root...

6.8AI score
Exploits0
Rows per page
Query Builder