Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/02/03 2:54 p.m.29 views

CVE-2026-1814 Rapid7 Nexpose Insecure Java Keystore Password Generation

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword method. When updating legacy keystore passwords, the application generates a new password with insufficient length 7-12 characters and a static prefix...

6.8CVSS0.00145EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 12:28 a.m.21 views

CVE-2025-57434

Creacast Creabox Manager contains a critical authentication flaw that allows an attacker to bypass login validation. The system grants access when the username is creabox and the password begins with the string creacast, regardless of what follows...

8.8CVSS7.2AI score0.00458EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/09/22 12:0 a.m.7 views

CVE-2025-57434

Creacast Creabox Manager contains a critical authentication flaw that allows an attacker to bypass login validation. The system grants access when the username is creabox and the password begins with the string creacast, regardless of what follows...

6.8AI score0.00458EPSS
Exploits1References2
CVE
CVE
added 2025/09/22 12:0 a.m.43 views

CVE-2025-57434

The vulnerability CVE-2025-57434 affects Creacast Creabox Manager. An authentication bypass exists: if the username is creabox and the password begins with creacast, access is granted regardless of the remaining password. This is described consistently across multiple sources. The CVSS 3.1 vector...

8.8CVSS6.8AI score0.00458EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/09/09 12:0 a.m.5 views

TYPO3 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-019)

The version of TYPO3 installed on the remote host is 12.0.0 prior to 12.4.37 / 13.0.0 prior to 13.4.18. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2025-019 advisory. - By default, the Password Generation component creates a password that always begins with a...

6.5CVSS5.5AI score0.00174EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2012/06/25 6:5 p.m.6 views

crypt(): DES encrypted password weakness

The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...

4.3CVSS7.3AI score0.05734EPSS
Exploits0References4
Rows per page
Query Builder