EUVD-2026-5342

OpenSlides is a free, web based presentation and assembly system for managing and projecting agenda, motions and elections of an assembly. Prior to version 4.2.29, OpenSlides supports local logins with username and password or an optionally configurable single sign on with SAML via an external ID...

EUVD-2012-4877

Malware in sbrugna...

EUVD-2020-23234

Malware in sbrugna...

EUVD-2022-4934

Malicious code in bioql PyPI...

CVE-2024-45208

The Versa Director SD-WAN orchestration platform which makes use of Cisco NCS application service. Active and Standby Directors communicate over TCP ports 4566 and 4570 to exchange High Availability HA information using a shared password. Affected versions of Versa Director bound to these ports o...

Versa Director 安全漏洞

Versa Director is a virtualization and service creation platform from Versa USA. that simplifies the creation, automation and delivery of services using Versa FlexVNF. A security vulnerability exists in Versa Director that stems from HA communication using a shared password, which could lead to...

CVE-2020-11037

In Wagtail before versions 2.7.3 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is performed through a character-by-character string comparison, and so an attacker who is...

CVE-2024-5634

Longse model LBH30FE200W cameras, as well as products based on this device, make use of telnet passwords which follow a specific pattern. Once the pattern is known, brute-forcing the password becomes relatively easy. Additionally, every camera with the same firmware version shares the same...

PT-2023-2468 · Nextcloud +2 · Nextcloud Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 24.0.10 Nextcloud Server versions prior to 25.0.4 Description: The issue is related to the generated fallback password when creating a share in Nextcloud Server, which uses a weak complexity random number...

GHSA-Q9QR-H33G-FW3J TeamPass Storing Passwords in a Recoverable Format vulnerability

TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role...

CVE-2020-35567

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The software uses a secure password for database access, but this password is shared across instances...

Torchbox Wagtail Competitive Conditions Issue Vulnerability

Torchbox Wagtail is an open source content management system CMS from Torchbox UK. A security vulnerability exists in Torchbox Wagtail versions prior to 2.7.2 and prior to 2.8.2. An attacker could exploit the vulnerability to obtain a shared password used to protect a page or document...

CVE-2020-11037

In Wagtail before versions 2.7.3 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is performed through a character-by-character string comparison, and so an attacker who is...

PYSEC-2020-153

In Wagtail before versions 2.7.2 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is performed through a character-by-character string comparison, and so an attacker who is...

PYSEC-2020-153

In Wagtail before versions 2.7.2 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is performed through a character-by-character string comparison, and so an attacker who is...

PT-2020-12505 · Wagtail · Wagtail

Name of the Vulnerable Software and Affected Versions: Wagtail versions prior to 2.7.3 Wagtail versions prior to 2.8.2 Description: A potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is...

CVE-2019-19461

Post-authentication Stored XSS in Team Password Manager through 7.93.204 allows attackers to steal other users' credentials by creating a shared password with HTML code as the title...

CVE-2019-19461

Post-authentication Stored XSS in Team Password Manager through 7.93.204 allows attackers to steal other users' credentials by creating a shared password with HTML code as the title...

CVE-2019-1000001

TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role...

Design/Logic Flaw

TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role...