Total
216 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34240 | 1 Fit2cloud | 1 Cloudexplorer Lite | 2024-11-21 | N/A | 6.5 MEDIUM |
| Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force attacks. This can lead to an authentication system failure and compromise system security. Versions of cloudexplorer-lite prior to 1.2.0 did not enforce strong passwords. This vulnerability has been fixed in version 1.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-31098 | 1 Apache | 1 Inlong | 2024-11-21 | N/A | 9.8 CRITICAL |
| Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.6.0. When users change their password to a simple password (with any character or symbol), attackers can easily guess the user's password and access the account. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7805 https://github.com/apache/inlong/pull/7805 to solve it. | |||||
| CVE-2023-2160 | 1 Modoboa | 1 Modoboa | 2024-11-21 | N/A | 6.3 MEDIUM |
| Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0. | |||||
| CVE-2023-2060 | 1 Mitsubishielectric | 8 Fx5-enet\/ip, Fx5-enet\/ip Firmware, Rj71eip91 and 5 more | 2024-11-21 | N/A | 7.5 HIGH |
| Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access to the module via FTP by dictionary attack or password sniffing. | |||||
| CVE-2023-29974 | 1 Pfsense | 1 Pfsense | 2024-11-21 | N/A | 9.8 CRITICAL |
| An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements. | |||||
| CVE-2023-22451 | 1 Kiwitcms | 1 Kiwi Tcms | 2024-11-21 | N/A | 6.5 MEDIUM |
| Kiwi TCMS is an open source test management system. In version 11.6 and prior, when users register new accounts and/or change passwords, there is no validation in place which would prevent them from picking an easy to guess password. This issue is resolved by providing defaults for the `AUTH_PASSWORD_VALIDATORS` configuration setting. As of version 11.7, the password can’t be too similar to other personal information, must contain at least 10 characters, can’t be a commonly used password, and can’t be entirely numeric. As a workaround, an administrator may reset all passwords in Kiwi TCMS if they think a weak password may have been chosen. | |||||
| CVE-2023-1753 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 5.5 MEDIUM |
| Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | |||||
| CVE-2023-0793 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 7.1 HIGH |
| Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11. | |||||
| CVE-2023-0641 | 1 Employee Leaves Management System Project | 1 Employee Leaves Management System | 2024-11-21 | 2.6 LOW | 3.7 LOW |
| A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password requirements. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-220021 was assigned to this vulnerability. | |||||
| CVE-2023-0564 | 1 Froxlor | 1 Froxlor | 2024-11-21 | N/A | 5.4 MEDIUM |
| Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10. | |||||
| CVE-2023-0307 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 9.8 CRITICAL |
| Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10. | |||||
| CVE-2022-41969 | 1 Nextcloud | 1 Nextcloud Server | 2024-11-21 | N/A | 2.4 LOW |
| Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.11, 24.0.7, and 25.0.0, there is no password length limit when creating a user as an administrator. An administrator can cause a limited DoS attack against their own server. Versions 23.0.11, 24.0.7, and 25.0.0 contain a fix for the issue. As a workaround, don't create user accounts with long passwords. | |||||
| CVE-2022-3754 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 9.8 CRITICAL |
| Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8. | |||||
| CVE-2022-3376 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | N/A | 5.3 MEDIUM |
| Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. | |||||
| CVE-2022-3326 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | N/A | 4.3 MEDIUM |
| Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9. | |||||
| CVE-2022-3268 | 1 Ikus-soft | 1 Minarca | 2024-11-21 | N/A | 9.8 CRITICAL |
| Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2. | |||||
| CVE-2022-3179 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | N/A | 8.8 HIGH |
| Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2. | |||||
| CVE-2022-37158 | 1 Iocoder | 1 Ruoyi-vue-pro | 2024-11-21 | N/A | 9.8 CRITICAL |
| RuoYi v3.8.3 has a Weak password vulnerability in the management system. | |||||
| CVE-2022-36301 | 1 Bosch | 1 Bf-os | 2024-11-21 | N/A | 9.8 CRITICAL |
| BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker to brute-force the device password. | |||||
| CVE-2022-35280 | 2 Ibm, Microsoft | 2 Robotic Process Automation For Cloud Pak, Windows | 2024-11-21 | N/A | 9.8 CRITICAL |
| IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 230634. | |||||