CVE-2023-41353

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regular user privilege can easily infer the administrator password from system information after logging system, resulting in admin access and performing arbitrary system operations or disrup...

XWiki Platform 安全漏洞

XWiki Platform is a suite of Wiki platforms for creating Web collaboration applications from the French company XWiki. A security vulnerability exists in XWiki Platform that originates from a user being able to infer the contents of a password field through repeated function calls...

Apple tvOS 安全漏洞

Apple tvOS is a set of smart TV operating systems from the American company Apple. A security vulnerability exists in several Apple products, where an attacker with physical access to an iOS device may be able to determine the characteristics of a user's password in a secure text input field. The...

DEBIAN-CVE-2017-5361

Request Tracker RT 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 does not use a constant-time comparison algorithm for secrets, which makes it easier for remote attackers to obtain sensitive user password information via a timing side-channel attack...

Magento CMS Predictable Random Number Generation Vulnerability

Magento CMS is the United States Magento company's set of open source PHP e-commerce content management system CMS. A predictable random number generation vulnerability exists in Magento CMS Attackers can exploit this vulnerability to predict random numbers and infer passwords...