13 matches found
EUVD-2024-42579
Malicious code in bioql PyPI...
CVE-2024-51557
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the OTP bombing/flooding on the targeted...
CVE-2024-51557
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the OTP bombing/flooding on the targeted...
CVE-2024-51557 No Rate Limiting Vulnerability in Wave 2.0
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the OTP bombing/flooding on the targeted...
CVE-2024-51557
CVE-2024-51557 concerns Wave 2.0, where an API endpoint allows OTP requests without rate limiting. This vulnerability could enable an authenticated remote attacker to perform OTP bombing/flooding by issuing multiple requests against the vulnerable endpoint. Affected component: Wave 2.0 API handli...
CVE-2024-47654
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead...
CVE-2024-47654
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead...
CVE-2024-47654 No Rate Limiting vulnerability
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead...
CVE-2024-47654 No Rate Limiting vulnerability
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead...
CVE-2024-47654
The issue affects Shilpi Client Dashboard (versions prior to 9.7.0). Root cause: lack of rate limiting and CAPTCHA protection for OTP requests in certain API endpoints, enabling unauthenticated attackers to flood OTP requests and cause an OTP bombing on the target system. Affected software and ve...
CVE-2024-45788
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP...
CVE-2024-45788 No Rate Limiting Vulnerability
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP...
CVE-2024-45788
CVE-2024-45788 affects Reedos aiM-Star version 2.0.1 due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this by issuing multiple OTP requests via vulnerable endpoints, potentially causing OTP bombing/flooding on the target system....