EUVD-2025-201180

The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The user guide recommends changing default...

FileBrowser has an unspecified vulnerability (CNVD-2025-22705)

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a security vulnerability that stems from the lack of password policy and brute force protection,...

Brute Force

Overview Affected versions of this package are vulnerable to Brute Force due to the lack of password policy and brute-force protection in the authentication process. An attacker can gain unauthorized access to user accounts by performing automated brute-force attacks. Remediation Upgrade...

Brute Force

Overview Affected versions of this package are vulnerable to Brute Force due to the lack of password policy and brute-force protection in the authentication process. An attacker can gain unauthorized access to user accounts by performing automated brute-force attacks. Remediation Upgrade...

PT-2024-35092 · Fides · Fides

Name of the Vulnerable Software and Affected Versions: Fides versions prior to 2.50.0 Description: The user invite acceptance API endpoint /api/v1/user/accept-invite lacks server-side password policy enforcement, allowing users to set arbitrarily weak passwords by bypassing client-side validation...