9 matches found
EUVD-2024-42807
Malicious code in bioql PyPI...
CVE-2024-5277 Weak Password Recovery Mechanism in lunary-ai/lunary
In lunary-ai/lunary version 1.2.4, a vulnerability exists in the password recovery mechanism where the reset password token is not invalidated after use. This allows an attacker who compromises the recovery token to repeatedly change the password of a victim's account. The issue lies in the...
CVE-2023-5840 Weak Password Recovery Mechanism for Forgotten Password in linkstackorg/linkstack
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9...
PT-2021-11: Possibility to access file 00000001.SYP with file password mechanism enabled in the FX5U(C) CPU and FX5UJ CPU modules
The vulnerability of the FX5UC CPU and FX5UJ CPU modules of Mitsubishi Electric FA products is associated with the storage of sensitive information in open form. Exploiting the vulnerability may allow an attacker, provided that the file password mechanism is enabled, to gain access to file...
Design/Logic Flaw
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro Android App, the software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak...
CVE-2019-6560
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro Android App, the software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak...
Session fixation
Session fixation vulnerability in the forgot password mechanism in Revive Adserver before 4.0.1, when setting a new password, allows remote attackers to hijack web sessions via the session ID...
Password Security — Who's to Blame for Weak Passwords? Users, Really?
The majority of Internet users are vulnerable to cyber threats because of their own weaknesses in setting up a strong password. But, are end-users completely responsible for choosing weak passwords? Give a thought. Recently we wrote an article revealing the list of Worst Passwords of 2015 that...
CVE-2001-0315
The locking feature in mIRC 5.7 allows local users to bypass the password mechanism by modifying the LockOptions registry key...