Lucene search
+L

201 matches found

NVD
NVD
added 2026/04/17 4:17 p.m.6 views

CVE-2026-6284

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

9.3CVSS0.00449EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/17 3:14 p.m.32 views

CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

9.3CVSS0.00449EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:33 p.m.2 views

CVE-2026-33771

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

9.1CVSS5.8AI score0.00264EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/09 9:33 p.m.24 views

CVE-2026-33771 CTP OS: Configuring password requirements does not work which permits the use of weak passwords

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

9.1CVSS0.00264EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/29 3:50 p.m.6 views

Weak Password Requirements

Overview @openclaw/synology-chat is a Synology Chat channel plugin for OpenClaw Affected versions of this package are vulnerable to Weak Password Requirements due to insufficient rate limiting in the webhook authentication process. An attacker can repeatedly guess weak webhook tokens by sending...

6.9CVSS5.9AI score0.00244EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/27 10:37 p.m.7 views

Weak Password Requirements

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Weak Password Requirements in the authentication process for Telegram webhooks due to missing rate limiting on secret guesses. An attacker can repeatedly attempt to guess weak secrets by...

6.5CVSS5.9AI score0.00287EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/25 10:2 p.m.4 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the authentication and session management process. An attacker can gain unauthorized access to user accounts and maintain persistent access even after a password change by exploiting weak password...

9.3CVSS6AI score0.00428EPSS
Exploits1References3
Snyk
Snyk
added 2026/02/25 10:2 p.m.3 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the authentication and session management process. An attacker can gain unauthorized access to user accounts and maintain persistent access even after a password change by exploiting weak password...

9.3CVSS6AI score0.00428EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/20 3:56 p.m.23 views

CVE-2026-25715 Jinan USR IOT Technology Limited (PUSR) USR-W610 Weak Password Requirements

The web management interface of the device allows the administrator username and password to be set to blank values. Once applied, the device permits authentication with empty credentials over the web management interface and Telnet service. This effectively disables authentication across all...

9.8CVSS0.0057EPSS
Exploits0References2
NVD
NVD
added 2026/01/25 11:15 p.m.12 views

CVE-2026-1408

A weakness has been identified in Beetel 777VR1 up to 01.00.09/01.00.0955. This vulnerability affects unknown code of the component UART Interface. Executing a manipulation can lead to weak password requirements. The physical device can be targeted for the attack. The attack requires a high level...

4.2CVSS0.00278EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/09 10:40 a.m.13 views

CVE-2022-35143

Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks...

9.8CVSS6.9AI score0.01318EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.8 views

CVE-2020-7519

A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to compromise a user account...

7.5CVSS6.8AI score0.01252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.10 views

CVE-2023-4125

Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0...

8.8CVSS6.8AI score0.00732EPSS
Exploits1References1
Veracode
Veracode
added 2025/12/13 7:26 a.m.7 views

Weak Password Requirements

MLflow is vulnerable to Weak Password Requirements. The vulnerability is due to weak password requirements in the authentication mechanism, which allows an attacker to bypass authentication and gain unauthorized access to the system...

9.8CVSS7.1AI score0.01492EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.17 views

PT-2025-50904

Name of the Vulnerable Software and Affected Versions Apache Fineract versions through 1.10.1 Description Apache Fineract is affected by a weak password requirements issue. Upgrade to version 1.11.0 or later to address this. Users are encouraged to upgrade to version 1.13.0, the latest release...

8.5CVSS6.7AI score0.00448EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.9 views

Apache Fineract 安全漏洞

Apache Fineract is a set of open source digital financial services platform of the U.S. Apache Apache Foundation. The platform can provide users with data management, loan and savings portfolio management and real-time financial data and other functions. Apache Fineract suffers from an informatio...

8.5CVSS6AI score0.00448EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/14 11:22 p.m.3 views

CVE-2025-55034 General Industrial Controls Lynx+ Gateway Weak Password Requirements

General Industrial Controls Lynx+ Gateway is vulnerable to a weak password requirement vulnerability, which may allow an attacker to execute a brute-force attack resulting in unauthorized access and login...

8.8CVSS6.9AI score0.00271EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/29 9:30 p.m.5 views

EUVD-2025-36706

MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords...

8.1CVSS6.7AI score0.01492EPSS
Exploits0References3
OSV
OSV
added 2025/10/29 9:30 p.m.6 views

GHSA-6XJ8-RRQX-R4CV MLflow Weak Password Requirements Authentication Bypass Vulnerability

MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords...

8.1CVSS7.2AI score0.01492EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/10/29 9:30 p.m.9 views

MLflow Weak Password Requirements Authentication Bypass Vulnerability

MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords...

9.8CVSS7.2AI score0.01492EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder