Lucene search
K

14 matches found

Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.9 views

PT-2026-35503

Name of the Vulnerable Software and Affected Versions Note Mark versions prior to 0.19.3 Description An authentication bypass exists in the internal login endpoint. The IsPasswordMatch function in backend/db/models.go uses a hard-coded bcrypt"null" placeholder when a user has no stored password...

9.4CVSS5.8AI score0.00296EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2025/12/09 9:33 a.m.5 views

CVE-2025-27019

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8CVSS6.9AI score0.00412EPSS
Exploits0References1
NVD
NVD
added 2025/12/08 10:16 a.m.7 views

CVE-2025-27019

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8CVSS0.00412EPSS
Exploits0References1
OSV
OSV
added 2025/12/08 10:16 a.m.3 views

CVE-2025-27019

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8CVSS7.1AI score0.00412EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/08 9:22 a.m.5 views

EUVD-2025-201701

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8CVSS6.4AI score0.00412EPSS
Exploits0References2
CVE
CVE
added 2025/12/08 9:22 a.m.18 views

CVE-2025-27019

CVE-2025-27019 affects Infinera MTC-9 where the Remote Shell Service (RSH) in firmware version R22.1.1.0275 contains a misconfiguration that allows an attacker to exploit password-less user accounts to obtain full system access via a reverse shell. The advisory notes impact on MTC-9 from R22.1.1....

9.8CVSS6.5AI score0.00412EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/08 9:22 a.m.3 views

CVE-2025-27019 Remote shell service (RSH) in Infinera MTC-9

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8CVSS6.5AI score0.00412EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/08 9:22 a.m.29 views

CVE-2025-27019 Remote shell service (RSH) in Infinera MTC-9

Remote shell service RSH in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0...

9.8CVSS0.00412EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-7156

Malware in sbrugna...

9.8CVSS9.4AI score0.01684EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/05/02 6:40 a.m.15 views

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support

A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant authentication method by default. "Brand new Microsoft accounts will now be 'passwordless by...

7.1AI score
Exploits0
PyPA
PyPA
added 2025/03/20 10:15 a.m.9 views

PYSEC-2025-17

In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be susceptible to unauthorized access. Additionally, this issue violates best practices for secure user accou...

5.5CVSS6.7AI score0.00336EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/03/20 10:15 a.m.7 views

CVE-2025-1474

In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be susceptible to unauthorized access. Additionally, this issue violates best practices for secure user accou...

5.5CVSS6.9AI score
Exploits0References2
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.5 views

MLflow 安全漏洞

MLflow is an open source platform from MLflow that simplifies machine learning development, including tracking experiments, packaging code into repeatable runs, and sharing and deploying models. A security vulnerability exists in MLflow version 2.18 that stems from the ability for administrators ...

5.5CVSS4.6AI score0.00336EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/12/08 12:0 a.m.12 views

Fedora 19 : lynis-1.3.6-1.fc19 (2013-22768)

1.3.6 2013-12-03 New : - Support for the dntpd time daemon - New Apache test for modules HTTP-6632 - Apache test for modevasive HTTP-6640 - Apache test for modqos HTTP-6641 - Apache test for modspamhaus HTTP-6642 - Apache test for ModSecurity HTTP-6643 - Check for installed package audit tool...

5.6AI score
Exploits0References3
Rows per page
Query Builder