18 matches found
web-app-security-project
🛡️ Web Application Security Project 📌 Overview This projec...
Weak Password Storage
github.com/neuvector/neuvector is vulnerable to Weak Password Storage. The vulnerability is due to storing user passwords and API keys with a simple, unsalted hash, making them susceptible to offline rainbow-table attacks...
CVE-2024-51552
Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-51552 Weak Password Storage
Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-51552 Weak Password Storage
Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-51552
PT-2025-22547 confirms a weak password storage vulnerability affecting ABB products: ASPECT-Enterprise, NEXUS Series, and MATRIX Series up to version 3.*. Root cause: weak password storage leading to credential disclosure. Remediation: update to a version that addresses the weak password storage ...
ABB多款产品 安全漏洞
ABB ASPECT and others are products of ABB Switzerland.ABB ASPECT is a scalable building energy management and control solution.ABB MATRIX is an embedded building automation network controller.ABB NEXUS is a wireless and wired solution. A security vulnerability exists in several ABB products that...
PT-2025-22547 · Unknown · Nexus Series +2
Name of the Vulnerable Software and Affected Versions: ASPECT-Enterprise versions through 3. NEXUS Series versions through 3. MATRIX Series versions through 3. Description: Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromised. Recommendations: For...
Akuvox E11
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Akuvox Equipment: E11 Vulnerabilities: Generation of Predictable IV with CBC, User of Hard-coded Cryptographic Key, Missing Authentication for Critical Function, Storing Passwords in a Recoverable...
CVE-2020-12069
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device...
SUSE-SU-2022:3602-1 Security update for libreoffice
This update for libreoffice fixes the following issues: Updated to version 7.3.6.2 jscSLE-23448: - CVE-2022-3140: Fixed macro URL arbitrary script execution bsc1203209. - CVE-2022-26305: Fixed execution of untrusted Macros due to improper certificate validation bsc1201868. - CVE-2022-26307: Fixed...
Sierra Wireless GX440 weak password storage vulnerability (CNVD-2017-10185)
The Sierra Wireless GX440 is a gateway device from Sierra Wireless Canada. The Sierra Wireless GX440 suffers from a weak password storage vulnerability that can be exploited by a remote attacker to submit a special request and obtain sensitive information...
CVE-2016-6602
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for a remote exploit...
WebNMS Framework Server 5.2 / 5.2 SP1 - Multiple Vulnerabilities
Exploit for jsp platform in category web applications Multiple vulnerabilities in WebNMS Framework Server 5.2 and 5.2 SP1 Discovered by Pedro Ribeiro email protected, Agile Information Security ========================================================================== Disclosure: 04/07/2016 / Las...
CollabNet Subversion Edge weak password storage mechanism
Vuln Title: The CollabNet Subversion Edge stores passwords as unsalted MD5 hashes Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Insecure password storage Risk: Medium Status: public/fixed...
ESA-2014-094: EMC Avamar Weak Password Storage Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-094: EMC Avamar Weak Password Storage Vulnerability EMC Identifier: ESA-2014-094 CVE Identifier: CVE-2014-4623 Severity Rating: 6.6 AV:L/AC:M/Au:S/C:C/I:C/A:C Affected products: ? EMC Avamar Data Store ADS GEN4S and Avamar Virtual Edition AVE...
Authentec UPEK Protector Suite Weak Password Storage
The remote host has, or has had Authentec UPEK Protector Suite installed. Nessus was able to decrypt user credentials stored in an insecure manner in the Windows registry by UPEK Protector Suite. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62627; scriptversion"1.7...
aenovoSQL.txt
Aenovo Multiple Vulnerabilities KAPDA::3 - Aenovo - Multiple Vulnerabilities KAPDA New advisory Vulnerable products : Aenovov Trials tested,Hopefully all other versions, AenovoShop and aeNovoWYSI v Demos tested,Hopefully all other versions Vendor: http://www.aenovo.co.uk/ Risk: High Vulnerability...