140 matches found
CVE-2026-6284
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
EUVD-2026-23442
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
CVE-2026-6284
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
CVE-2021-22003
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy configuration and...
CVE-2025-60954
Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts...
PT-2025-43670
Name of the Vulnerable Software and Affected Versions Microweber CMS version 2.0 Description The application does not enforce minimum password length or complexity during password resets. This allows users to set weak passwords, including single-character passwords, potentially leading to account...
CVE-2025-60954
Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts...
CVE-2025-60954
Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts...
EUVD-2019-5959
Malware in sbrugna...
EUVD-2022-6502
Malicious code in bioql PyPI...
EUVD-2025-2771
Malicious code in bioql PyPI...
EUVD-2025-18666
Malicious code in bioql PyPI...
CVE-2025-24288
The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts most with sudo access that utilize the same default credentials. By default, Versa director exposes ssh and postgres to the internet, alongside...
CVE-2025-24288
The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts most with sudo access that utilize the same default credentials. By default, Versa director exposes ssh and postgres to the internet, alongside...
CVE-2025-24288
The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts most with sudo access that utilize the same default credentials. By default, Versa director exposes ssh and postgres to the internet, alongside...
CVE-2025-24288
The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts most with sudo access that utilize the same default credentials. By default, Versa director exposes ssh and postgres to the internet, alongside...
PT-2025-26196 · Versa · Versa Director
Name of the Vulnerable Software and Affected Versions: Versa Director affected versions not specified Description: The Versa Director software exposes several services by default, including ssh and postgres, which can provide an easy foothold for attackers due to default credentials and multiple...
CVE-2025-22390
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS due to insufficient enforcement of password complexity requirements. The application permits users to set passwords with a minimum length of 6 characters, lacking adequate...
CVE-2024-42850
An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements...