8 matches found
PT-2026-34764
OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can exploit the mixed WebSocket authentication flow to bypass rate limiting controls and conduct brute...
TeamPass Storing Passwords in a Recoverable Format vulnerability
TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords being recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role...
CVE-2019-1000001
TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords being recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role...
R7-2016-23, R7-2016-26, R7-2016-27: Multiple Home Security Vulnerabilities
Executive Summary: In October of 2016, former Rapid7 researcher Phil Bosco discovered a number of relatively low-risk vulnerabilities and issues involving home security systems that are common throughout the United States, and which have significant WiFi or Ethernet capabilities. The three systems...
shard - A Command Line Tool To Detect Shared Passwords
A command line tool to detect shared passwords Usage List options: $ java -jar shard-1.2.jar --help Shard 1.2 Usage: java -jar shard-1.2.jar options -u, --username Username to test -p, --password Password to test -f, --file File containing a set of credentials --format The format of the...
Detect Shared Passwords: shard
A command line tool to detect shared passwords List available modules: $ java -jar shard-1.0.jar -l Available modules: Facebook LinkedIn Reddit Twitter Instagram Given a username and password shard will attempt to authenticate with multiple sites: $ java -jar shard-1.0.jar -u -p - Tried credentia...
GE Healthcare Centricity PACS-IW Built-in Account Vulnerability
GE Healthcare Centricity PACS-IW is an image archiving and delivery system for the healthcare industry. Built-in accounts exist for GE Healthcare Centricity PACS-IW, with 'shared' passwords for shared users; and 'scan' passwords for scan users, allowing remote attackers to utilize these accoun...
confixx (remote access)
hi, Information about Confixx from http://www.confixx.de: Confixx is a comfortable tool to automate customer administration on Linux-based webservers with graphic interfaces for Admin, Resellers and End Users. Currently there are more than 42...