28 matches found
EUVD-2023-38506
Malicious code in bioql PyPI...
EUVD-2023-36900
Malicious code in bioql PyPI...
EUVD-2023-41265
Malicious code in bioql PyPI...
EUVD-2023-39164
Malicious code in bioql PyPI...
CVE-2023-37362
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-34429
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...
CVE-2023-34429
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...
CVE-2023-37362
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-32657
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
CVE-2023-32657
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
Design/Logic Flaw
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
Authentication flaw
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
Default credentials
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only...
CVE-2023-37362 Weintek Weincloud Improper Authentication
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-37362 Weintek Weincloud Improper Authentication
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-32657 Weintek Weincloud Improper Restriction of Excessive Authentication Attempts
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
CVE-2023-32657 Weintek Weincloud Improper Restriction of Excessive Authentication Attempts
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
CVE-2023-32657
CVE-2023-32657 affects Weintek Weincloud v0.13.6 (Account API) and prior, described as Improper Restriction of Excessive Authentication Attempts. The provided documents state an attacker could efficiently develop brute-force attacks on credentials by exploiting authentication hints in error messa...
CVE-2023-34429 Weintek Weincloud Improper Handling of Structural Elements
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...
CVE-2023-35134 Weintek Weincloud Weak Password Recovery Mechanism for Forgotten Password
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only...