Filtered by CWE-521
Total 195 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-1753 1 Phpmyfaq 1 Phpmyfaq 2024-08-02 5.5 Medium
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-0793 1 Phpmyfaq 1 Phpmyfaq 2024-08-02 7.1 High
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-0641 1 Employee Leaves Management System Project 1 Employee Leaves Management System 2024-08-02 3.7 Low
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password requirements. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-220021 was assigned to this vulnerability.
CVE-2023-0564 1 Froxlor 1 Froxlor 2024-08-02 5.4 Medium
Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10.
CVE-2023-0569 1 Publify Project 1 Publify 2024-08-02 6.5 Medium
Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10.
CVE-2023-0307 1 Phpmyfaq 1 Phpmyfaq 2024-08-02 9.8 Critical
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
CVE-2024-35137 1 Ibm 2 Security Access Manager, Security Verify Access Docker 2024-08-02 6.2 Medium
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 292413.
CVE-2024-32213 1 Lomag 1 Warehouse Management 2024-08-02 5.3 Medium
The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak passwords. By default, hard-coded passwords of 10 characters with little or no complexity are allowed.
CVE-2024-29208 2024-08-02 N/A
An Unverified Password Change could allow a malicious actor with API access to the device to change the system password without knowing the previous password. Affected Products: UniFi Connect EV Station (Version 1.1.18 and earlier); UniFi Connect EV Station Pro (Version 1.1.18 and earlier); UniFi Connect Display (Version 1.9.324 and earlier); UniFi Connect Display Cast (Version 1.6.225 and earlier). Mitigation: Update UniFi Connect Application to Version 3.10.7 or later; update UniFi Connect EV Station to Version 1.2.15 or later; update UniFi Connect EV Station Pro to Version 1.2.15 or later; update UniFi Connect Display to Version 1.11.348 or later; update UniFi Connect Display Cast to Version 1.8.255 or later.
CVE-2024-25729 2024-08-01 8.8 High
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. (They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last octet.)
CVE-2024-22355 2024-08-01 5.9 Medium
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 do not require users to have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 280781.
CVE-2024-3735 2024-08-01 3.7 Low
A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic. Affected is an unknown function of the file Main.aspx. The manipulation of the argument New Password/Confirm Password with the input 1 leads to weak password requirements. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used. VDB-260574 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-3263 2024-08-01 9.8 Critical
YMS VIS Pro is an information system for veterinary and food administration, veterinarians and farms. Due to a combination of an improper method for system credentials generation and a weak password policy, passwords can be easily guessed and enumerated through brute force attacks. Successful attacks can lead to unauthorised access and execution of operations based on assigned user permissions. This vulnerability affects VIS Pro in versions <= 3.3.0.6. This vulnerability has been mitigated by changes in authentication mechanisms and implementation of an additional authentication layer and strong password policies.
CVE-2024-1345 2024-08-01 6.8 Medium
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to perform a brute force attack and easily discover the root password.
CVE-2024-0188 1 Nia 1 Rrj Nueva Ecija Engineer Online Portal 2024-08-01 3.1 Low
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0. This affects an unknown part of the file change_password_teacher.php. The manipulation leads to weak password requirements. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-249501 was assigned to this vulnerability.