28 matches found
EUVD-2023-36900
Malicious code in bioql PyPI...
EUVD-2023-38506
Malicious code in bioql PyPI...
EUVD-2023-39164
Malicious code in bioql PyPI...
EUVD-2023-41265
Malicious code in bioql PyPI...
CVE-2023-34429
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...
CVE-2023-34429
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...
CVE-2023-37362
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-37362
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-32657
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
CVE-2023-32657
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
Default credentials
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only...
Authentication flaw
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
Design/Logic Flaw
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-37362 Weintek Weincloud Improper Authentication
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-37362 Weintek Weincloud Improper Authentication
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-32657 Weintek Weincloud Improper Restriction of Excessive Authentication Attempts
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
CVE-2023-32657
CVE-2023-32657 affects Weintek Weincloud v0.13.6 (Account API) and prior, described as Improper Restriction of Excessive Authentication Attempts. The provided documents state an attacker could efficiently develop brute-force attacks on credentials by exploiting authentication hints in error messa...
CVE-2023-32657 Weintek Weincloud Improper Restriction of Excessive Authentication Attempts
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
CVE-2023-34429 Weintek Weincloud Improper Handling of Structural Elements
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...
CVE-2023-35134 Weintek Weincloud Weak Password Recovery Mechanism for Forgotten Password
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only...