14 matches found
EUVD-2021-23355
Malware in sbrugna...
EUVD-2025-12381
Malicious code in bioql PyPI...
CVE-2025-3838
An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed...
CVE-2025-3838
An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed...
CVE-2025-3838 Improper Authorization in the installer for the EOL OVA based connect component
An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed...
CVE-2025-3838
CVE-2025-3838 affects the EOL OVA based connect component used for installation in internal networks. The issue is improper authorization that could let an attacker access the local database containing weakly hashed installer credentials. CVSS 4.0 data indicate A: Adjacent, AC: High, PR: None, UI...
PT-2025-17431 · Unknown · Eol Ova Based Connect
Name of the Vulnerable Software and Affected Versions: EOL OVA based connect component affected versions not specified Description: An Improper Authorization issue was identified in the EOL OVA based connect component, which could allow unauthorized access to the local database containing weakly...
CVE-2021-36767
In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's...
Design/Logic Flaw
In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's...
CVE-2021-36767
In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's...
CVE-2021-36767
Summary of CVE-2021-36767 (Digi RealPort) : Affected software is Digi RealPort up to version 4.10.490. The authentication uses a challenge-response mechanism that exposes access to the server password; an unauthenticated client can trigger the server to return a weakly-hashed version of the passw...
Windows Gather Avira Password Extraction
This module extracts the weakly hashed password which is used to protect a Avira Antivirus 'Windows Gather Avira Password Extraction', 'Description' = %q This module extracts the weakly hashed password which is used to protect a Avira Antivirus MSFLICENSE, 'Author' = 'Robert Kugler / robertchrk',...
Nmap NSE net: wdb-version
Detects vulnerabilities and gathers information such as version numbers and hardware support from VxWorks Wind DeBug agents. Wind DeBug is a SunRPC-type service that is enabled by default on many devices that use the popular VxWorks real-time embedded operating system. H.D. Moore of Metasploit ha...
wdb-version NSE Script
Detects vulnerabilities and gathers information such as version numbers and hardware support from VxWorks Wind DeBug agents. Wind DeBug is a SunRPC-type service that is enabled by default on many devices that use the popular VxWorks real-time embedded operating system. H.D. Moore of Metasploit ha...