80 matches found
PT-2026-27485
Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 8.6.60; Parse Server versions prior to 9.6.0-alpha.54. Description: An attacker with a user's password and a valid multi-factor authentication (MFA) recovery code can reuse the recovery code an unlimited number of tim...
EUVD-2012-4518
Malware in sbrugna...
EUVD-2007-0735
Malware in sbrugna...
EUVD-2020-23754
Malware in sbrugna...
EUVD-2018-12259
Malware in sbrugna...
EUVD-2025-27024
Malicious code in bioql PyPI...
EUVD-2023-0868
Malicious code in bioql PyPI...
CVE-2025-8182 Tenda AC18 Samba smb.conf weak password
A vulnerability has been found in Tenda AC18 15.03.05.19 and classified as problematic. This vulnerability affects unknown code of the file /etcro/smb.conf of the component Samba. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an atta...
CVE-2025-49147
Umbraco, a free and open source .NET content management system, has a vulnerability in versions 10.0.0 through 10.8.10 and 13.0.0 through 13.9.1. Via a request to an anonymously authenticated endpoint it's possible to retrieve information about the configured password requirements. The informatio...
PT-2025-23996 · Ibm · Ibm Security Verify Governance
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Governance version 10.0.2 Description: The issue is related to the default password requirements. By default, strong passwords are not required, making it easier for attackers to compromise user accounts. Recommendations:...
CVE-2024-22355
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 do not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 280781...
CVE-2023-0451
Econolite EOS versions prior to 3.2.23 lack a password requirement for gaining “READONLY” access to log files and certain database and configuration files. One such file contains tables with MD5 hashes and usernames for all defined users in the control software, including administrators and...
CVE-2021-25839
A weak password requirement vulnerability exists in the Create New User function of MintHCM RELEASE 3.0.8, which could make password brute-forcing easier for an attacker...
CVE-2020-36176
The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs...
Unauthorized Account Access
mlflow is vulnerable to Unauthorized Account Access. The vulnerability is due to improper user account management during the account creation process or lack of a mandatory password requirement, which allows accounts to be created without authentication credentials...
CVE-2024-41778
IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts...
CVE-2022-39997
CVE-2022-39997 affects Teldat RS123/RS123w routers through a weak password requirement that enables a remote attacker to escalate privileges. The Red Hat, NVD, CVE listings, and third-party sources consistently describe a credential-policy weakness in the router’s authentication flow that can lea...
CVE-2022-39997
A weak password requirement issue was discovered in Teldat's Router RS123, RS123w, which allows a remote attacker to escalate privileges...
CVE-2024-4784
An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy...
CVE-2024-4784
CVE-2024-4784 affects GitLab Enterprise Edition (EE) starting from 16.7 up to versions before 17.0.6, 17.1 before 17.1.4, and 17.2 before 17.2.2. The vulnerability permits bypassing the password re-entry requirement when approving a policy. Public sources consistently describe the issue as an aut...