EUVD-2005-2510

Malware in sbrugna...

EUVD-2020-20574

Malware in sbrugna...

EUVD-2008-0573

Malware in sbrugna...

EUVD-2018-2436

Malware in sbrugna...

EUVD-2005-4878

Malware in sbrugna...

EUVD-2002-1717

Malware in sbrugna...

EUVD-2019-13064

Malware in sbrugna...

EUVD-2024-22464

Malicious code in bioql PyPI...

EUVD-2025-5957

Malicious code in bioql PyPI...

EUVD-2023-38070

Malicious code in bioql PyPI...

EUVD-2022-52257

Malicious code in bioql PyPI...

EUVD-2024-19969

Malicious code in bioql PyPI...

Endress+Hauser MEAC300-FNADE4 Information Disclosure Vulnerability (CNVD-2025-16346)

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. An information disclosure vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the authentication mechanism based on the challenge response system using the...

PT-2025-27787 · Vnc · Vnc

Name of the Vulnerable Software and Affected Versions: VNC affected versions not specified Description: The issue concerns the VNC authentication mechanism, which uses a challenge-response system. This system relies on both the server and client using the same password for encryption. An attacker...

CVE-2025-6932

A vulnerability, which was classified as problematic, was found in D-Link DCS-7517 up to 2.02.0. This affects the function gFnGenPassForQlync of the file /bin/httpd of the component Qlync Password Generation Handler. The manipulation leads to use of hard-coded password. It is possible to initiate...

ROS-20250619-05

A vulnerability in the PostgreSQL PgBouncer connection pooling program is related to the fact that a password can be used after it expires, because authquery does not take into account the value of Postgre's VALID UNTIL. Exploitation of the vulnerability allows an attacker acting remotely to gain...

CVE-2025-47646

CVE-2025-47646 affects the WordPress plugin PSW Front-end Login & Registration (versions ≤ 1.13). The Nuclei template and related exploits describe a weak password recovery/unauthenticated registration mechanism that can enable account creation without authentication, potentially followed by priv...

CVE-2020-28873

Fluxbb 1.5.11 is affected by a denial of service DoS vulnerability by sending an extremely long password via the user login form. When a long password is sent, the password hashing process will result in CPU and memory exhaustion on the server...

CVE-2019-13949

SyGuestBook A5 Version 1.2 has no CSRF protection mechanism, as demonstrated by CSRF for an index.php?c=Administrator=update admin password change...

CVE-2019-3425

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by vulnerability of permission and access control. An attacker could exploit this vulnerability to directly reset or change passwords of other accounts...