Total: 211 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-1753 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 5.5 MEDIUM |
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | |||||
CVE-2023-0793 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 7.1 HIGH |
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11. | |||||
CVE-2023-0641 | 1 Employee Leaves Management System Project | 1 Employee Leaves Management System | 2024-11-21 | 2.6 LOW | 3.7 LOW |
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password requirements. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-220021 was assigned to this vulnerability. | |||||
CVE-2023-0564 | 1 Froxlor | 1 Froxlor | 2024-11-21 | N/A | 5.4 MEDIUM |
Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10. | |||||
CVE-2023-0307 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 9.8 CRITICAL |
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10. | |||||
CVE-2022-41969 | 1 Nextcloud | 1 Nextcloud Server | 2024-11-21 | N/A | 2.4 LOW |
Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.11, 24.0.7, and 25.0.0, there is no password length limit when creating a user as an administrator. An administrator can cause a limited DoS attack against their own server. Versions 23.0.11, 24.0.7, and 25.0.0 contain a fix for the issue. As a workaround, don't create user accounts with long passwords. | |||||
CVE-2022-3754 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 9.8 CRITICAL |
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8. | |||||
CVE-2022-3376 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | N/A | 5.3 MEDIUM |
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. | |||||
CVE-2022-3326 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | N/A | 4.3 MEDIUM |
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9. | |||||
CVE-2022-3268 | 1 Ikus-soft | 1 Minarca | 2024-11-21 | N/A | 9.8 CRITICAL |
Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2. | |||||
CVE-2022-3179 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | N/A | 8.8 HIGH |
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2. | |||||
CVE-2022-37158 | 1 Iocoder | 1 Ruoyi-vue-pro | 2024-11-21 | N/A | 9.8 CRITICAL |
RuoYi v3.8.3 has a weak password vulnerability in the management system. | |||||
CVE-2022-36301 | 1 Bosch | 1 Bf-os | 2024-11-21 | N/A | 9.8 CRITICAL |
BF-OS versions 3.x up to and including 3.83 do not enforce strong passwords, which may allow a remote attacker to brute-force the device password. | |||||
CVE-2022-35280 | 2 Ibm, Microsoft | 2 Robotic Process Automation For Cloud Pak, Windows | 2024-11-21 | N/A | 9.8 CRITICAL |
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 230634. | |||||
CVE-2022-35143 | 1 Raneto Project | 1 Raneto | 2024-11-21 | N/A | 9.8 CRITICAL |
Raneto v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks. | |||||
CVE-2022-34772 | 1 Tabit | 1 Tabit | 2024-11-21 | N/A | 4.3 MEDIUM |
Tabit - password enumeration. The password for the Tabit system is a 4-digit OTP. One can resend the OTP and try logging in indefinitely. Once again, this is an example of OWASP: API4 - Rate limiting. | |||||
CVE-2022-34615 | 1 Mealie | 1 Mealie | 2024-11-21 | N/A | 9.8 CRITICAL |
Mealie 1.0.0beta3 employs weak password requirements which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. | |||||
CVE-2022-34333 | 1 Ibm | 1 Sterling Order Management | 2024-11-21 | N/A | 5.9 MEDIUM |
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 229698. | |||||
CVE-2022-32513 | 1 Schneider-electric | 12 5500ac2, 5500ac2 Firmware, 5500nac and 9 more | 2024-11-21 | N/A | 9.8 CRITICAL |
A CWE-521: Weak Password Requirements vulnerability exists that could allow an attacker to gain control of the device when the attacker brute forces the password. Affected Products: C-Bus Network Automation Controller - LSS5500NAC (Versions prior to V1.10.0), Wiser for C-Bus Automation Controller - LSS5500SHAC (Versions prior to V1.10.0), Clipsal C-Bus Network Automation Controller - 5500NAC (Versions prior to V1.10.0), Clipsal Wiser for C-Bus Automation Controller - 5500SHAC (Versions prior to V1.10.0), SpaceLogic C-Bus Network Automation Controller - 5500NAC2 (Versions prior to V1.10.0), SpaceLogic C-Bus Application Controller - 5500AC2 (Versions prior to V1.10.0) | |||||
CVE-2022-31211 | 1 Infiray | 2 Iray-a8z3, Iray-a8z3 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default. |