Moodle 安全漏洞

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle that stems from a relatively laxity in the password checking logic, where certain...

AnythingLLM Security Vulnerability

AnythingLLM is a document chatbot that meets business requirements. AnythingLLM has a security vulnerability that stems from insufficient password checking...

WatchGuard EPDR Security Vulnerability

WatchGuard EPDR is an application from WatchGuard USA, Inc. prevents, detects and responds to any type of known and unknown malware as well as fileless and malware-free attacks. A security vulnerability exists in WatchGuard EPDR version 8.0.21.0002, which stems from a weak implementation of...

GHSA-MP5P-G2JV-R8QW rdiffweb contains Weak Password Requirements

rdiffweb version 2.4.1 has no password policy or password checking, which could make users vulnerable to brute force password guessing attacks. Version 2.4.2 enforces minimum and maximum password lengths...

bouncycastle15 -- bcrypt password checking vulnerability

The Bouncy Castle team reports: The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different...

D-Link DAP-2610 Router login Incorrect Comparison Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. The issue results from the lack of proper...

Cr3dOv3r - Know The Dangers Of Credential Reuse Attacks

Your best friend in credential reuse attacks. Cr3dOv3r simply you give it an email then it does two simple jobs but useful : Search for public leaks for the email and if it any, it returns with all available details about the leak Using hacked-emails site API. Now you give it this email's old or...

WPA WPA2 Phishing Tool: Linset

WPA WPA2 Phishing Tool: Linset Linset Is Not a Social Enginering Tool To run linset in Kali-linux, only two2 additional programs are requiredrqr. They are lighttpd and php5-cgi. apt-get install lighttpd apt-get install php5-cgi After you unzip the download, place the linset folder found in the...

CentOS Update for mysql CESA-2013:0180 centos5

Check for the Version of mysql OpenVAS Vulnerability Test CentOS Update for mysql CESA-2013:0180 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RedHat Update for mysql RHSA-2013:0180-01

Check for the Version of mysql OpenVAS Vulnerability Test RedHat Update for mysql RHSA-2013:0180-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Scientific Linux Security Update : mysql on SL5.x i386/x86_64 (20130122)

A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. CVE-2012-5611 A flaw was fou...

Important: Red Hat Security Advisory: mysql security update

Updated mysql packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Scientific Linux Security Update : sudo on SL5.x i386/x86_64 (20120221)

The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo...

Scientific Linux Security Update : sudo on SL6.x i386/x86_64

The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo...

IObit Protected Folder protection bypass

It's possible to bypass protection, e.g. by changing return value of password checking function...

RedHat Update for sudo RHSA-2011:0599-01

Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2011:0599-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Low: Red Hat Security Advisory: sudo security and bug fix update

An updated sudo package that fixes one security issue and various bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

creds-summary NSE Script

Lists all discovered credentials e.g. from brute force and default password checking scripts at end of scan. Script Arguments creds.service, creds.global See the documentation for the creds library. Example Usage nmap -sV -sC Script Output | creds-summary: | 10.10.10.10 | 22/ssh | lisbon:jane -...

Low: Red Hat Security Advisory: sudo security and bug fix update

An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

sudo -- local privilege escalation

Todd Miller reports: Beginning with sudo version 1.7.0 it has been possible to grant permission to run a command using a specified group via sudo's -g option run as group, if allowed by the sudoers file. A flaw exists in sudo's password checking logic that allows a user to run a command with only...