
19 matches found

Snyk
added 2025/06/30 8:42 p.m. · 2 views

Brute Force

Overview: Affected versions of this package are vulnerable to Brute Force due to the lack of password policy and brute-force protection in the authentication process. An attacker can gain unauthorized access to user accounts by performing automated brute-force attacks. Remediation: Upgrade...

CVSS 8.2 · AI score 7.1 · EPSS 0.00472
Exploits 1 · References 2

RedhatCVE
added 2025/05/23 7:10 a.m. · 4 views

CVE-2024-54851

Teedy = 1.12 is vulnerable to Cross-Site Request Forgery (CSRF) due to the lack of CSRF protection...

CVSS 8.8 · AI score 8.8 · EPSS 0.0024
Exploits 1 · References 1

BDU FSTEC
added 2025/03/11 12:00 a.m. · 2 views

The vulnerability in the DNN CMS system’s script execution scenario /Activity-Feed/userId/{user_id}, which allows an attacker to perform XSS attacks.

Vulnerability of the DNN CMS system’s /Activity-Feed/userId/userid endpoint: no measures taken to protect the website structure. Exploitation of this vulnerability allows a malicious actor to perform XSS attacks remotely...

CVSS 7.7 · AI score 5.4 · EPSS 0.00178
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2024/01/05 12:00 a.m. · 3 views

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

CVSS 5.5 · AI score 5.9 · EPSS 0.00597
Exploits 0 · References 2 · Affected Software 1

Positive Technologies
added 2023/09/12 12:00 a.m. · 5 views

PT-2023-27662 · Unknown · Opencart Cms

Name of the Vulnerable Software and Affected Versions: OpenCart CMS version 4.0.2.2
Description: The issue is related to a lack of protection against excessive login attempts on the login page, allowing unauthenticated attackers to perform a brute force attack to gain access to the application...

CVSS 9.8 · AI score 9.7 · EPSS 0.01093
Exploits 3 · References 11

BDU FSTEC
added 2023/04/04 12:00 a.m. · 3 views

The vulnerability of the Python Redis library, redis-py, allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Python Redis library, redis-py, is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 4.3 · AI score 6.3 · EPSS 0.01026
Exploits 0 · References 12 · Affected Software 4

BDU FSTEC
added 2022/11/09 12:00 a.m. · 2 views

The vulnerability of the USB Serial Driver for the Windows operating system allows a perpetrator to gain unauthorized access to confidential information.

The vulnerability of the USB Serial Driver for the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential information...

CVSS 4.6 · AI score 5.8 · EPSS 0.00662
Exploits 0 · References 3

BDU FSTEC
added 2022/09/07 12:00 a.m. · 2 views

The vulnerability of the OTRS ticket request system, related to the lack of measures taken to protect the website structure, allows a hacker to carry out XSS attacks.

The vulnerability of the OTRS ticket request system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

CVSS 5.5 · AI score 5.4 · EPSS 0.00452
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2022/08/18 12:00 a.m. · 2 views

The vulnerability of Microsoft Windows Defender operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Microsoft Windows Defender operating system lies in the lack of protection for service data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

CVSS 5.5 · AI score 6.6 · EPSS 0.01452
Exploits 0 · References 3

BDU FSTEC
added 2022/07/26 12:00 a.m. · 2 views

The vulnerability of microprogrammed solid-state storage devices like Intel SSDs lies in the lack of protection for operational data. This allows attackers to exploit their privileges and gain unauthorized access to protected information.

The vulnerability of Intel SSD microprogramming software is related to the lack of protection for operational data. Exploiting this vulnerability can allow attackers to enhance their privileges and gain unauthorized access to protected information...

CVSS 7.2 · AI score 6.6 · EPSS 0.00253
Exploits 0 · References 3

BDU FSTEC
added 2022/04/18 12:00 a.m. · 2 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from the lack of protective measures for website structures, allowing attackers to perform cross-site scripting attacks.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using specially created links...

CVSS 8.7 · AI score 6.9 · EPSS 0.88233
Exploits 0 · References 5 · Affected Software 1

OSV
added 2022/02/16 5:15 p.m. · 1 view

CVE-2019-4291

IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to the lack of binary protection precautions. IBM X-Force ID: 160697...

CVSS 6.5 · AI score 5.8 · EPSS 0.00429
Exploits 0 · References 2

BDU FSTEC
added 2020/11/18 12:00 a.m. · 1 view

The vulnerability of microprogrammed storage software for Intel SSDs lies in the lack of protection for operational data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of microprogrammed solid-state storage devices like Intel SSDs lies in the lack of protection for operational data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

CVSS 7.3 · AI score 5.5 · EPSS 0.00329
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2020/10/27 12:00 a.m. · 2 views

The vulnerability of the Tricon Communications Module, related to the lack of protection for operational data, allows attackers to disclose the protected information.

The vulnerability of the Tricon Communications Module is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

CVSS 7.8 · AI score 7.2 · EPSS 0.01308
Exploits 0 · References 4 · Affected Software 6

BDU FSTEC
added 2020/01/29 12:00 a.m. · 1 view

The vulnerability of the Core component of the Oracle VM VirtualBox software allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software relates to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS 8.2 · AI score 7.4 · EPSS 0.00452
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2019/06/06 12:00 a.m. · 2 views

The vulnerability of the HECI subsystem of the microprogramming software Intel Converged Security and Manageability Engine and Intel Server Platform Services allows attackers to disclose protected information.

The vulnerability of the HECI microprogramming software’s subsystem, including Intel Converged Security and Manageability Engine and Intel Server Platform Services, is related to the lack of protection for operational data. Exploiting this vulnerability can allow attackers to disclose sensitive...

CVSS 2.3 · AI score 5.7 · EPSS 0.00394
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2018/07/12 12:00 a.m. · 3 views

The vulnerability of Mozilla Firefox’s Reader View reading mode allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Reader View reading mode in Mozilla Firefox browser is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...

CVSS 5.3 · AI score 7.7 · EPSS 0.01578
Exploits 0 · References 10 · Affected Software 3

BDU FSTEC
added 2016/03/31 12:00 a.m. · 2 views

The vulnerability of the HP System Management Homepage software allows a perpetrator to obtain confidential information.

The vulnerability of the HP System Management Homepage software relates to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information...

CVSS 4 · AI score 6.8 · EPSS 0.01917
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2015/09/08 12:00 a.m. · 3 views

The vulnerability of the Firefox browser, which allows a hacker to execute cross-site scripting attacks.

The vulnerability of the nsCSPHostSrc::permits function in Firefox exists due to the lack of measures taken to protect web page structures. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML code remotely...

CVSS 4.3 · AI score 7.9 · EPSS 0.02948
Exploits 0 · References 4 · Affected Software 1