9 matches found
EUVD-2024-16816
Malicious code in bioql PyPI...
CVE-2024-1040
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
The vulnerability of the password restoration function in systems for job requests, incidents, and computer equipment inventory management allows a hacker to circumvent existing security restrictions.
The vulnerability of the password restoration function in systems for job requests, incidents, and computer equipment inventory management in GLPI is related to the lack of a password restoration mechanism. Exploiting this vulnerability could allow an attacker to bypass existing security...
CVE-2024-1040
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
Design/Logic Flaw
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...
CVE-2024-1040
CVE-2024-1040 affects Gessler GmbH WEB-MASTER, specifically version 7.9, where user passwords are stored using a weak hashing algorithm. The weakness allows an attacker to restore passwords by breaking the stored hashes (confirmed by multiple sources in connected documents). This vulnerability ha...
The vulnerability of the password-reset function in Hikvision’s NVR/DVR video recorders allows intruders to trigger a service failure.
The vulnerability of the password restoration function in Hikvision’s NVR/DVR video recorders is related to errors in the password restoration mechanism. Exploiting this vulnerability could allow an intruder to cause a service failure...
The vulnerability of the password restoration mechanism of the Apex-VUZ system allows a hacker to obtain the email address associated with the restored password.
The vulnerability of the password restoration mechanism of the Apex-VUZ educational automation system is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the email address associated with the recoverable password...
Exploit for CVE-2020-1472
This repository is a proof-of-concept PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service. The exploit requires the latest version of Impacket from GitHub, with added Netlogon structures. The PoC is designed to authenticate with an all-zero challenge and credential to t...