CVE-2026-20164

In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, 10.0.2503.11, and 9.3.2411.123, a low-privileged user that does not hold the "admin" or "power" Splunk roles could access the...

CVE-2022-22789

Charactell - FormStorm Enterprise Account takeover – An attacker can modify add, remove and update passwords file for all the users. The xxusers.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existi...

Design/Logic Flaw

Charactell - FormStorm Enterprise Account takeover – An attacker can modify add, remove and update passwords file for all the users. The xxusers.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existi...

The vulnerability of the microprogrammed software of the D–Link DSR–500 router allows a malicious individual to gain access to user account information.

In the file system of the D–Link DSR–500 router, user passwords are stored publicly in the file /tmp/teamf1.cfg.ascii...

Password cracking (NASL wrappers common options)

This plugin sets options for the various password cracking tools. OpenVAS Vulnerability Test Remote password cracking - common options Based on hydra scripts by Michel Arboi Authors: Vlatko Kosturjak This program is free software; you can redistribute it and/or modify it under the terms of the GN...