17 matches found
CVE-2026-11792 389-ds-base: 389-ds-base: heap buffer overflow in audit log password masking (create_masked_entry_string)
A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the createmaskedentrystring function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged requiri...
EUVD-2006-0871
Malware in sbrugna...
EUVD-2022-7012
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2011-4931
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpw generates shorter passwords than required CVE-2011-4931 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 8090...
Moxa ioLogik E1200 Series Weak Password Requirements (CVE-2016-8379)
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...
PT-2022-5350 · Sudo +5 · Sudo +5
Name of the Vulnerable Software and Affected Versions: Sudo versions 1.8.0 through 1.9.12 Description: The issue is related to an array-out-of-bounds error in the plugins/sudoers/auth/passwd.c file of the Sudo program when using the crypt password backend. This error can result in a heap-based...
cloud-init: Too short random password length in cc_set_password in config/cc_set_passwords.py
A flaw was found in cloud-init, where it uses short passwords when generating a random password in new instances. Depending on the instance configuration, a remote or local attacker may abuse this vulnerability to guess the password of the victim user...
CVE-2020-15115
etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computational effort...
PT-2020-14197 · Coreos +1 · Etcd +1
Name of the Vulnerable Software and Affected Versions: etcd versions prior to 3.3.23 etcd versions prior to 3.4.10 Description: The issue allows for very short passwords, such as those with a length of one, which may enable an attacker to guess or brute-force users' passwords with little...
CVE-2020-8632
A flaw was found in cloud-init, where it uses short passwords when generating a random password in new instances. Depending on the instance configuration, a remote or local attacker may abuse this vulnerability to guess the password of the victim user...
DEBIAN-CVE-2011-4931
gpw generates shorter passwords than required...
UBUNTU-CVE-2011-4931
gpw generates shorter passwords than required...
CVE-2016-8379
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...
CVE-2016-8379
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...
Code injection
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...
CVE-2016-8379
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...
CVE-2005-1062
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods...