ReportizFlow
Filtered by vendor
Subscriptions
Total
231 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-25729 | 2024-11-21 | 8.8 High | ||
| Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. (They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last octet.) | ||||
| CVE-2024-0676 | 1 Lamassu | 4 Douro, Douro Firmware, Douro Ii and 1 more | 2024-11-21 | 5.6 Medium |
| Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve stored hashes from the machine and crack long 4-character passwords using a dictionary attack. | ||||
| CVE-2024-0347 | 1 Engineers Online Portal Project | 1 Engineers Online Portal | 2024-11-21 | 3.7 Low |
| A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file signup_teacher.php. The manipulation of the argument Password leads to weak password requirements. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250115. | ||||
| CVE-2023-7053 | 1 Phpgurukul | 1 Online Notes Sharing System | 2024-11-21 | 3.1 Low |
| A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /user/signup.php. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248740. | ||||
| CVE-2023-50305 | 1 Ibm | 2 Engineering Requirements Management Doors, Engineering Requirements Management Doors Web Access | 2024-11-21 | 5.1 Medium |
| IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 273336. | ||||
| CVE-2023-4125 | 1 Answer | 1 Answer | 2024-11-21 | 8.8 High |
| Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0. | ||||
| CVE-2023-43016 | 1 Ibm | 2 Security Verify Access, Security Verify Access Docker | 2024-11-21 | 7.3 High |
| IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote user to log into the server due to a user account with an empty password. IBM X-Force ID: 266154. | ||||
| CVE-2023-41923 | 2024-11-21 | 7.2 High | ||
| The user management section of the web application permits the creation of user accounts with excessively weak passwords, including single-character passwords. | ||||
| CVE-2023-41353 | 1 Nokia | 2 G-040w-q, G-040w-q Firmware | 2024-11-21 | 8.8 High |
| Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regular user privilege can easily infer the administrator password from system information after logging system, resulting in admin access and performing arbitrary system operations or disrupt service. | ||||
| CVE-2023-40707 | 1 Opto22 | 2 Snap Pac S1, Snap Pac S1 Firmware | 2024-11-21 | 8.6 High |
| There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials. | ||||
| CVE-2023-3089 | 1 Redhat | 18 Acm, Amq Streams, Container Native Virtualization and 15 more | 2024-11-21 | 7 High |
| A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. | ||||
| CVE-2023-37756 | 1 I-doit | 1 I-doit | 2024-11-21 | 9.8 Critical |
| I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creation. Attackers are able to easily guess users' passwords via a bruteforce attack. | ||||
| CVE-2023-37503 | 1 Hcltech | 1 Hcl Compass | 2024-11-21 | 8.1 High |
| HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts. | ||||
| CVE-2023-34995 | 1 Piigab | 2 M-bus 900s, M-bus 900s Firmware | 2024-11-21 | 7.5 High |
| There are no requirements for setting a complex password for PiiGAB M-Bus, which could contribute to a successful brute force attack if the password is inline with recommended password guidelines. | ||||
| CVE-2023-31098 | 1 Apache | 1 Inlong | 2024-11-21 | 9.8 Critical |
| Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.6.0. When users change their password to a simple password (with any character or symbol), attackers can easily guess the user's password and access the account. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7805 https://github.com/apache/inlong/pull/7805 to solve it. | ||||
| CVE-2023-29974 | 1 Pfsense | 1 Pfsense | 2024-11-21 | 9.8 Critical |
| An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements. | ||||
| CVE-2023-0641 | 1 Employee Leaves Management System Project | 1 Employee Leaves Management System | 2024-11-21 | 3.7 Low |
| A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password requirements. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-220021 was assigned to this vulnerability. | ||||
| CVE-2022-3376 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | 5.3 Medium |
| Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. | ||||
| CVE-2022-3179 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | 8.8 High |
| Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2. | ||||
| CVE-2022-37158 | 1 Iocoder | 1 Ruoyi-vue-pro | 2024-11-21 | 9.8 Critical |
| RuoYi v3.8.3 has a Weak password vulnerability in the management system. | ||||