7 matches found
CVE-2026-29781
Sliver is a command and control framework that uses a custom Wireguard netstack. In versions from 1.7.3 and prior, a vulnerability exists in the Sliver C2 server's Protobuf unmarshalling logic due to a systemic lack of nil-pointer validation. By extracting valid implant credentials and omitting...
The vulnerability of the Ruijie Reyee OS operating system, related to the lack of a password recovery mechanism, allows attackers to bypass existing security restrictions and execute a brute-force attack.
The vulnerability of the Ruijie Reyee OS operating system is related to the lack of a password recovery mechanism. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute an attack using brute-force methods...
The vulnerability of the “Forgotten Password” function on the IIoT platform of ifm Moneo devices, including IFM QHA300, IFM QHA210, and IFM QVA200, allows a hacker to change the administrator password.
The vulnerability of the “Forgotten Password” function on the IIoT platform of ifm Moneo devices, namely IFM QHA300, IFM QHA210, and IFM QVA200, is related to the lack of a password recovery mechanism. Exploiting this vulnerability could allow an attacker to remotely change the administrator’s...
The vulnerability of the platform for monitoring, managing, and improving LLM applications arises from the lack of a password recovery mechanism, allowing attackers to use the token for repeatedly changing user passwords.
The vulnerability of the platform for monitoring, managing, and improving LLM applications is related to the lack of a password recovery mechanism. Exploiting this vulnerability allows an attacker who operates remotely to use the token for repeatedly changing user passwords...
ALPINE-CVE-2023-46841
Recent x86 CPUs offer functionality named Control-flow Enforcement Technology CET. A sub-feature of this are Shadow Stacks CET-SS. CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and return addresses...
SUSE CVE-2023-46841
Recent x86 CPUs offer functionality named Control-flow Enforcement Technology CET. A sub-feature of this are Shadow Stacks CET-SS. CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and return addresses...
The vulnerability of the wp_insert_user function and testWPUpdateUser_should_deleteUsersLugsCache (user.php) in the WordPress content management system allows attackers to access sensitive data and compromise its integrity.
The vulnerability of the wpinsertuser function and testwpupdateusershoulddeleteuserslugscache in user.php of the WordPress content management system is related to a lack of password recovery mechanism. Exploiting this vulnerability could allow an attacker to gain access to sensitive data and...