340 matches found
GHSA-PX7X-GQ96-RMP5 AVideo has an Unauthenticated Password Hash Oracle via encryptPass.json.php
Summary /objects/encryptPass.json.php exposes the application's password hashing algorithm to any unauthenticated user. An attacker can submit arbitrary passwords and receive their hashed equivalents, enabling offline password cracking against leaked database hashes. Details File:...
PT-2026-25998
Summary /objects/encryptPass.json.php exposes the application's password hashing algorithm to any unauthenticated user. An attacker can submit arbitrary passwords and receive their hashed equivalents, enabling offline password cracking against leaked database hashes. Details File:...
linux-security-tools
Linux Security Tools Linux security tools, scanners, crackers...
OpenText Vertica 安全漏洞
OpenText Vertica is a relational database management system RDBMS from OpenText Canada. It can efficiently store massive amounts of data. There are security vulnerabilities in OpenText Vertica versions 10.X and earlier, as well as versions 11.X and earlier, and 12.X and earlier. These...
PT-2025-49153
Name of the Vulnerable Software and Affected Versions Silicon Labs Simplicity Device Manager affected versions not specified Description The web interface of the Silicon Labs Simplicity Device Manager, when exposed publicly, allows an attacker to extract the NTLMv2 hash. This hash can then be use...
GHSA-GQ3G-666W-7H85 Grav Exposes Password Hashes Leading to privilege escalation
Exposure of Password Hashes Leading to privilege escalation Severity Rating: Medium Vector: Privilege Escalation CVE: XXX CWE: 200 - Exposure of Sensitive Information CVSS Score: 6.2 CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L Analysis It was observed that if a users is given read...
When Intelligence Fails: An Empirical Study on Why LLMs Struggle with Password Cracking
The remarkable capabilities of Large Language Models LLMs in natural language understanding and generation have sparked interest in their potential for cybersecurity applications, including password guessing. In this study, we conduct an empirical investigation into the efficacy of pre-trained LL...
EUVD-2017-14645
Malware in sbrugna...
EUVD-2020-20730
Malware in sbrugna...
EUVD-2021-10781
Malware in sbrugna...
EUVD-2019-11480
Malware in sbrugna...
EUVD-2003-0144
Malware in sbrugna...
EUVD-2020-6625
Malware in sbrugna...
EUVD-2002-0697
Malware in sbrugna...
EUVD-2018-11553
Malware in sbrugna...
EUVD-2018-20632
Malware in sbrugna...
EUVD-2022-15243
Malicious code in bioql PyPI...
EUVD-2022-26963
Malicious code in bioql PyPI...
EUVD-2025-4193
Malicious code in bioql PyPI...
JustTryHarder
This is a cheat sheet repository for the PWK Pentester's Workbench course and the OSCP Offensive Security Certified Professional exam. It is inspired by PayloadAllTheThings. The repository contains various tools, scripts, and resources for penetration testing and exploitation. The repository...