GHSA-VJF3-2GPJ-233V n8n has an SSO Enforcement Bypass in its Self-Service Settings API

Impact An authenticated user signed in through Single Sign-On SSO could disable SSO enforcement for their own account through the n8n API. This allowed the user to create a local password and authenticate directly with email and password, completely bypassing the organization's SSO policy,...

n8n has an SSO Enforcement Bypass in its Self-Service Settings API

Impact An authenticated user signed in through Single Sign-On SSO could disable SSO enforcement for their own account through the n8n API. This allowed the user to create a local password and authenticate directly with email and password, completely bypassing the organization's SSO policy,...

CVE-2025-27919

An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my device" permission can manipulate remote AnyDesk settings and create a password for the Full Access profile without needing confirmation from the counterparty. Consequently, the attacker can later...

EUVD-2016-0365

Malware in sbrugna...

CVE-2024-25343

Tenda N300 F3 router vulnerability allows users to bypass intended security policy and create weak passwords...

CVE-2025-26091

A Cross Site Scripting XSS vulnerability exists in TeamPasswordManager v12.162.284 and before that could allow a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'name' parameter when creating a new password in the "My...

CVE-2024-36789

An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.541.0.1 allows attackers to create passwords that do not conform to defined security standards...

CVE-2024-36789

CVE-2024-36789 concerns the Netgear WNR614 router (N300 series) where the weak password policy allows creation of passwords that do not meet defined security standards (under firmware N300-V1.1.0.54_1.0.1). The vulnerability arises from password requirements that do not enforce strong, compliant ...

Netgear WNR614 安全漏洞

The Netgear WNR614 is an N300 wireless router with external antenna from Netgear USA. The Netgear WNR614 has a security vulnerability that originates from allowing an attacker to create security standard passwords that do not meet the definitions. No details of the vulnerability are provided at...

RHEL 6 : xguest (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xguest insecure password creation CVE-2016-4980 Note that Nessus has not tested for this issue but has instead reli...

Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18

School is fully back in session for kids all across the world, and for many students, that means logging back online to learn, do homework, submit assignments, and maybe even continue some distance learning, depending on their schools pandemic precautions. But with more Internet activity comes...

CVE-2013-1793

openstack-utils openstack-db has insecure password creation...

Default credentials

openstack-utils openstack-db has insecure password creation...

Nextcloud: WordPress vulnerable to multiple attacks at https://nextcloud.com

summary: your current version of WordPress is available to multiple attacks check INFO.php available attacks: - Unauthenticated Arbitrary File Deletion - lib/IPTraf.php User-Agent Header Stored XSS - Password Creation Restriction Bypass - wp-admin/admin.php whois Parameter Stored XSS - XSS & IAA ...

CVE-2016-0330

IBM Security Identity Manager ISIM Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm...

Design/Logic Flaw

IBM Security Identity Manager ISIM Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm...

CVE-2016-0330

CVE-2016-0330 affects IBM Security Identity Manager Virtual Appliance. The issue is a weak password algorithm used during password creation in ISIM VA versions 7.0.0.0–7.0.1.1 prior to FP0003, which could allow remote attackers to gain access by exploiting the password mechanism. The published re...

CVE-2016-0330

IBM Security Identity Manager ISIM Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm...

Wordfence 3.8.1 - Password Creation Restriction Bypass

The Wordfence Security – Firewall & Malware Scan WordPress plugin was affected by a Password Creation Restriction Bypass security vulnerability...

Серьезная дырка в Exchange 2000 (User Account)

При установке в системе создается локальная учетная запись пользователя с заранее определенным паролем. При установке на контроллер домена запись создается в домене...