Lucene search
K

4 matches found

Snyk
Snyk
added 2025/08/28 1:33 p.m.2 views

Use of Default Credentials

Overview Affected versions of this package are vulnerable to Use of Default Credentials for the admin account. An attacker can gain full administrative access by using the default credentials if the password is not changed after deployment. Workaround This vulnerability can be mitigated by loggin...

9.8CVSS7.2AI score0.0052EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/28 1:33 p.m.2 views

Use of Default Credentials

Overview Affected versions of this package are vulnerable to Use of Default Credentials for the admin account. An attacker can gain full administrative access by using the default credentials if the password is not changed after deployment. Workaround This vulnerability can be mitigated by loggin...

9.8CVSS7.2AI score0.0052EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/28 1:33 p.m.5 views

Missing Password Field Masking

Overview Affected versions of this package are vulnerable to Missing Password Field Masking due to improper handling of process command arguments containing sensitive information. An attacker can obtain confidential data by accessing security event logs where sensitive arguments, such as password...

6.9CVSS7AI score0.00231EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/08/28 1:33 p.m.14 views

NeuVector has an insecure password storage and is vulnerable to rainbow attack

Impact NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack offline attack where hashes of known passwords are precomputed. NeuVector generates a cryptographically secure, random 16-character salt and uses it with the PBKDF2...

5.3CVSS5.8AI score0.00162EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder