Total
212 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-11069 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change. | |||||
| CVE-2015-8033 | 1 Textpattern | 1 Textpattern | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user account. | |||||
| CVE-2011-4931 | 2 Debian, Gpw Project | 2 Debian Linux, Gpw | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| gpw generates shorter passwords than required | |||||
| CVE-2024-51398 | 2024-11-05 | N/A | 6.5 MEDIUM | ||
| Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Management Weak password leakage in the background may lead to unauthorized access, data theft, and network attacks, seriously threatening network security. | |||||
| CVE-2024-47121 | 1 Gotenna | 1 Gotenna Pro | 2024-11-01 | N/A | 5.3 MEDIUM |
| The goTenna Pro App uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute force attack, it is possible to decrypt it and use it to decrypt all future and past messages sent via encrypted broadcast with that particular key. This only applies when the key is broadcasted over RF. This is an optional feature, so it is recommended to use local QR encryption key sharing for additional security on this and previous versions. | |||||
| CVE-2024-45374 | 1 Gotenna | 1 Gotenna | 2024-10-17 | N/A | 6.5 MEDIUM |
| The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute force attack, it is possible to decrypt it and use it to decrypt all future and past messages sent via encrypted broadcast with that particular key. This only applies when the key is broadcasted over RF. This is an optional feature, so it is advised to use local QR encryption key sharing for additional security on this and previous versions. | |||||
| CVE-2024-7293 | 1 Progress | 1 Telerik Reporting | 2024-10-15 | N/A | 8.8 HIGH |
| In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements. | |||||
| CVE-2021-38133 | 1 Microfocus | 1 Edirectory | 2024-09-18 | N/A | 6.5 MEDIUM |
| Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. | |||||
| CVE-2022-39997 | 2024-08-28 | N/A | 8.0 HIGH | ||
| A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote attacker to escalate privileges | |||||
| CVE-2024-40697 | 1 Ibm | 1 Common Licensing | 2024-08-22 | N/A | 7.5 HIGH |
| IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 297895. | |||||
| CVE-2024-42850 | 2024-08-19 | N/A | 9.8 CRITICAL | ||
| An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements. | |||||
| CVE-2024-41683 | 1 Siemens | 1 Location Intelligence | 2024-08-14 | N/A | 5.3 MEDIUM |
| A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce a strong user password policy. This could facilitate a brute force attack against legitimate user passwords. | |||||