12 matches found
CVE-2026-7671
A vulnerability has been found in CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The impacted element is an unknown function of the file /TwoFactor. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. Attacks of...
CodeWise Tornet Scooter Mobile App 安全漏洞
The CodeWise Tornet Scooter Mobile App is a shared electric scooter management application developed by CodeWise. Version 4.75 of the CodeWise Tornet Scooter Mobile App contains a security vulnerability. This vulnerability stems from improper restrictions placed on excessive authentication attemp...
CVE-2026-7671
The CVE-2026-7671 entry concerns CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The vulnerability is tied to an unknown function in the file /TwoFactor that allows improper restriction of excessive authentication attempts. The issue is described as exploitable from remote with high compl...
CVE-2026-7671 CodeWise Tornet Scooter Mobile App TwoFactor excessive authentication
A vulnerability has been found in CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The impacted element is an unknown function of the file /TwoFactor. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. Attacks of...
CVE-2026-7671 CodeWise Tornet Scooter Mobile App TwoFactor excessive authentication
A vulnerability has been found in CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The impacted element is an unknown function of the file /TwoFactor. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. Attacks of...
CVE-2025-66558 Nextcloud Twofactor WebAuthn app was updated based on public key
Nextcloud Twofactor WebAuthn is the WebAuthn Two-Factor Provider for Nextcloud. Prior to 1.4.2 and 2.4.1, a missing ownership check allowed an attack to take-away a 2FA webauthn device when correctly guessing a 80-128 character long random string of letters, numbers and symbols. The victim would...
CVE-2025-66558 Nextcloud Twofactor WebAuthn app was updated based on public key
Nextcloud Twofactor WebAuthn is the WebAuthn Two-Factor Provider for Nextcloud. Prior to 1.4.2 and 2.4.1, a missing ownership check allowed an attack to take-away a 2FA webauthn device when correctly guessing a 80-128 character long random string of letters, numbers and symbols. The victim would...
Syracom Secure Login 安全漏洞
Syracom Secure Login is a secure login plugin from Syracom. A security vulnerability exists in Syracom Secure Login that originates from a brute-force breaking of a secondary authentication PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint...
Malicious Package
Overview twofactortotp is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
openSUSE: Security Advisory for froxlor (openSUSE-SU-2021:0415-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : froxlor (openSUSE-2021-415)
This update for froxlor fixes the following issues : - Upstream upgrade to version 0.10.23 boo846355 - Upstream upgrade to version 0.10.22 boo846355 - BuildRequire cron as this contains now the cron directories - Use %license for COPYING file instead of %doc boo1082318 Upstream upgrade to version...
Security update for nextcloud (moderate)
openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2020:1652-1 Rating: moderate References: 1171572 1171579 1177346 Cross-References: CVE-2020-8154 CVE-2020-8155 CVE-2020-8183 CVE-2020-8228 CVE-2020-8233 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1...