Fedora: Security Advisory for golang-github-nbutton23-zxcvbn (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2022-29729

Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password generation algorithm which generates passwords that are accessible to unauthenticated attackers via the webUI login page...

Default credentials

Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password generation algorithm which generates passwords that are accessible to unauthenticated attackers via the webUI login page...

CVE-2022-29729

Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password generation algorithm which generates passwords that are accessible to unauthenticated attackers via the webUI login page...

gitea -- multiple vulnerabilities

The Gitea Team reports for release 1.13.3: Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one The Gitea Team reports for release 1.13.4: Fix issue popups...

Design/Logic Flaw

MobileIron VSP 5.9.1 and Sentry 5.0 has a weak password obfuscation algorithm...

CVE-2019-12385

An issue was discovered in Ampache through 3.9.1. The search engine is affected by a SQL Injection, so any user able to perform lib/class/search.class.php searches even guest users can dump any data contained in the database sessions, hashed passwords, etc.. This may lead to a full compromise of...

CVE-2018-10239

A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope. The vulnerability is due to a...

Security Bulletin: Fixes for Multiple Security Vulnerabilities in IBM Security Identity Manager Virtual Appliance available

Summary There are multiple security vulnerabilities in various components used by IBM Security Identity Manager Virtual Appliance Vulnerability Details CVEID: CVE-2016-0330 DESCRIPTION: IBM Security Identity Manager Virtual Appliance uses a weak password algorithm which allows users to create...

CVE-2017-17878

An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES aka the CONFIGFEATUREDEFAULTPASSWDALGO="des" setting...

CVE-2017-17878

An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES aka the CONFIGFEATUREDEFAULTPASSWDALGO="des" setting...

CVE-2017-7306

Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that...

Default credentials

DISPUTED Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor...

CVE-2017-7306

Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that...

CVE-2017-7306

Riverbed RiOS before version 9.6.1 exposes a weak default password for the secure vault. This weakness can be exploited by physically proximate attackers who know the password algorithm and the appliance serial number, enabling defeat of the secure-vault protection mechanism. Documentation consis...

Design/Logic Flaw

IBM Security Identity Manager ISIM Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm...

Cisco Ironport Appliance Privilege Escalation

/ Cisco Ironport Appliances Privilege Escalation Vulnerability Vendor: Cisco Product webpage: http://www.cisco.com Affected versions: Cisco Ironport ESA - AsyncOS 8.5.5-280 Cisco Ironport WSA - AsyncOS 8.0.5-075 Cisco Ironport SMA - AsyncOS 8.3.6-0 Date: 22/05/2014 Credits: Glafkos Charalambous...

Cisco Ironport Appliances - Privilege Escalation

Cisco Ironport Appliances - Privilege Escalation / Cisco Ironport Appliances Privilege Escalation Vulnerability Vendor: Cisco Product webpage: http://www.cisco.com Affected versions: Cisco Ironport ESA - AsyncOS 8.5.5-280 Cisco Ironport WSA - AsyncOS 8.0.5-075 Cisco Ironport SMA - AsyncOS 8.3.6-0...

Default credentials

WellinTech KingView 6.5.3 and earlier uses a weak password-hashing algorithm, which makes it easier for local users to discover credentials by reading an unspecified file...

Fiomental Coolsis Backoffice - Multiple Vulnerabilities

Fiomental Coolsis Backoffice - Multiple Vulnerabilities | \ | | | | | |/ / | | | | | // \ \ / / | | | | | | |/ | ' \ | |\ \ /\ V / | | || | || | | | | | | \| / /||,|||/|| || | | | || | | | | |/' || || | | |/ / | ' \ | /| |\ | | | / | | | | | | | \ |/ /./ / /|,|| || || / / DEFACEMENT...