Lucene search
K

11 matches found

OSV
OSV
added 2026/03/03 10:18 p.m.3 views

GHSA-JMMG-JQC7-5QF4 OpenClaw's browser-origin WebSocket auth hardening gap could enable loopback password brute-force chains

This issue is a browser-origin WebSocket auth chain on local loopback deployments using password auth. It is serious, but conditional: an attacker must get the user to open a malicious page and then successfully guess the gateway password. Context and Preconditions OpenClaw’s web/gateway surface ...

7.5CVSS5.9AI score0.00294EPSS
Exploits0References5
Kitploit
Kitploit
added 2021/11/26 11:30 a.m.155 views

goEnumBruteSpray - User Enumeration And Password Bruteforce On Azure, ADFS, OWA, O365 And Gather Emails On Linkedin

The recommended module is o365 for user enumeration and passwords bruteforce / spray . Additional information can be retrieved to avoid account lockout, to know that the password is good but expired, MFA enabled,... Linkedin This module should be used to retrieve a list of email addresses before...

7.5AI score
Exploits0References6
Hacker One
Hacker One
added 2021/07/16 10:17 a.m.102 views

Ian Dunn: Multiple server ssh usernames leaked in your github repository

hi security team,while searching on github,I have found multiple ssh usernames that belongs to your organization are exposed in the organization github repository STEPS TO REPRODUCE:- 1.Go to this repository. you will see the leaked multiple server ssh usernames...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2021/06/24 12:30 p.m.263 views

Shreder - A Powerful Multi-Threaded SSH Protocol Password Bruteforce Tool

Shreder is a powerful multi-threaded SSH protocol password brute-force tool. Features Very fast password guessing, just one password in 0.1 second. Optimized for big password lists, Shreder tries 1000 passwords in 1 minute and 40 seconds. Simple CLI and API usage. Installation pip3 install...

7.4AI score
Exploits0References1
NVD
NVD
added 2021/03/03 8:15 p.m.22 views

CVE-2021-27935

An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie...

7.5CVSS0.04123EPSS
Exploits0References1
OSV
OSV
added 2021/03/03 8:15 p.m.14 views

CVE-2021-27935

An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie...

7.5CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2021/03/03 8:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie...

5CVSS7.5AI score0.04123EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/03/03 7:37 p.m.55 views

CVE-2021-27935

Affected software: AdGuard prior to 0.105.2. The issue is that the password hash is stored in the user cookie, enabling an attacker who can obtain a user cookie to offline-brute-force the password. This is a server-side authentication-credential exposure via cookies. Impact stated: offline passwo...

7.5CVSS7.5AI score0.04123EPSS
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2016/04/05 12:0 a.m.31 views

ManageEngine Password Manager Pro 8102 to 8302 - Multiple Vulnerabilities

ManageEngine Password Manager Pro 8102 to 8302 - Multiple Vulnerabilities Systems Affected Product : ManageEngine Password Manager Pro Company : ZOHO Corp. Build Number : 8.1 to 8.3 and probably earlier versions Affected Versions : 8102 to 8302 and probably earlier versions Product Description...

0.3AI score
Exploits0
0day.today
0day.today
added 2016/04/05 12:0 a.m.33 views

ManageEngine Password Manager Pro 8102 to 8302 - Multiple Vulnerabilities

Exploit for jsp platform in category web applications Systems Affected Product : ManageEngine Password Manager Pro Company : ZOHO Corp. Build Number : 8.1 to 8.3 and probably earlier versions Affected Versions : 8102 to 8302 and probably earlier versions Product Description Password Manager Pro i...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.24 views

Zyxel P660RT2 multiple security vulnerabilities

Crossite scripting, CSRF, password bruteforce...

1.6AI score
Exploits0References2
Rows per page
Query Builder