34 matches found
GHSA-CHCR-X7HC-8FP8 Devise-Two-Factor vulnerable to brute force attacks
Advisory withdrawn The backing CVE has been rejected Devise-Two-Factor does not throttle or otherwise restrict login attempts at the server by default. When combined with the Time-based One Time Password algorithm's TOTP inherent entropy limitations, it's possible for an attacker to bypass the 2F...
Devise-Two-Factor vulnerable to brute force attacks
Devise-Two-Factor does not throttle or otherwise restrict login attempts at the server by default. When combined with the Time-based One Time Password algorithm's TOTP inherent entropy limitations, it's possible for an attacker to bypass the 2FA mechanism through brute-force attacks. Impact If a...
CVE-2022-37176
Tenda AC6AC1200 v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard...
Input validation
Tenda AC6AC1200 v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard...
CVE-2022-37176
CVE-2022-37176 affects Tenda AC6 (AC1200) with v5.0 firmware
Tenda AC6 安全漏洞
Tenda AC6 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC6 AC1200 v5.0 Firmware version v02.03.01.114 and prior versions. An attacker can exploit this vulnerability by removing the Wi-Fi password and forcing the device into open security mode via a specially...
Improper Access Control in Onionshare
Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. This is an issue from that penetration test. - Vulnerability ID: OTF-004 - Vulnerability type: Improper Access Control - Threa...
Improper Access Control in Onionshare
Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. This is an issue from that penetration test. - Vulnerability ID: OTF-009 - Vulnerability type: Improper Access Control - Threa...
Username spoofing in OnionShare
Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. This is an issue from that penetration test. - Vulnerability ID: OTF-005 - Vulnerability type: Improper Input Sanitization -...
CVE-2017-4975
P CVE-2017-4975 affects Pivotal PCF Tile Generator (versions
xine 0.99.2 - Remote Stack Overflow Exploit
No description provided by source. / $ An open security advisory 6 - Xine vcd MRL input identifier management overflow 1: Bug Researcher: c0ntexatopen-security.org 2: Bug Released: July 28th 2004 3: Bug Impact Rate: Medium / Hi 4: Bug Scope Rate: Remote / Local $ This advisory and/or proof of...
VMware 5.5.1 (ActiveX) Local Buffer Overflow Exploit
Exploit for unknown platform in category local exploits ==================================================== VMware 5.5.1 ActiveX Local Buffer Overflow Exploit ==================================================== / $ An open security advisory 17 - VMWare ActiveX lame local overflow 1: Bug...
Elm < 2.5.8 (Expires Header) Remote Buffer Overflow Exploit
No description provided by source. / Exploit code for the bug posted by Ulf Harnhammar metaurtelia.com http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html Probably you will need to change SYSLOC and STRLOC to work on your box / include stdio.h include stdlib.h include string.h...
Lantronix Secure Console Server (edituser) Local Root Exploit
Exploit for unknown platform in category local exploits ============================================================= Lantronix Secure Console Server edituser Local Root Exploit ============================================================= !/bin/sh Lantronix Secure Console Server edituser root...