Lucene search
K

6 matches found

Snyk
Snyk
added 2026/03/31 11:2 p.m.3 views

Weak Password Requirements

Overview nautobot is a Source of truth and network automation platform. Affected versions of this package are vulnerable to Weak Password Requirements in the REST API for user management. An attacker can set weak or non-compliant passwords for user accounts by bypassing configured password...

5.1CVSS5.9AI score0.00245EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/08 2:0 p.m.12 views

EUVD-2026-1670

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks the validity of the username but appears to skip, misinterpret, or incorrectly validate the password when the provided username matches a...

9.4CVSS6.3AI score0.02169EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/10/30 12:0 a.m.2 views

CVE-2025-61115

ABC Fine Wine & Spirits Android App version v.11.27.5 and before package name com.cta.abcfinewineandspirits, developed by ABC Liquors, Inc., contains an improper access control vulnerability in its login mechanism. The application does not properly validate user passwords during authentication,...

6.1AI score0.00348EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/31 12:0 a.m.12 views

CVE-2020-20402

Westbrookadmin portfolioCMS v1.05 allows attackers to bypass password validation and access sensitive information via session fixation...

7.6AI score0.00749EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/06/25 12:0 a.m.4 views

Hewlett Packard Enterprise BackBox 授权问题漏洞

Hewlett Packard Enterprise BackBox is a U.S. Hewlett Packard Enterprise provides the functionality needed to deploy HPE Uninterruptible BackBox products into your backup and recovery operations. Hewlett Packard Enterprise BACKBOX There is an authorization issue vulnerability that stems from the...

8.1CVSS7.7AI score0.00905EPSS
Exploits0References2
OSV
OSV
added 2019/07/25 5:15 p.m.4 views

CVE-2019-9884

eClass platform ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page...

9.8CVSS5.8AI score0.0296EPSS
Exploits1References3
Rows per page
Query Builder