Total
195 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-4576 | 2 Ibm, Linux | 2 Qradar Network Packet Capture, Linux Kernel | 2024-09-16 | 9.8 Critical |
| IBM QRadar Network Packet Capture 7.3.0 - 7.3.3 Patch 1 and 7.4.0 GA does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 166803. | ||||
| CVE-2022-1668 | 1 Secheron | 2 Sepcos Control And Protection Relay, Sepcos Control And Protection Relay Firmware | 2024-09-16 | 9.8 Critical |
| Weak default root user credentials allow remote attackers to easily obtain OS superuser privileges over the open TCP port for SSH. | ||||
| CVE-2020-4245 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2024-09-16 | 7.5 High |
| IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 175423. | ||||
| CVE-2019-4321 | 1 Ibm | 3 Intelligent Operations Center, Intelligent Operations Center For Emergency Management, Water Operations For Waternamics | 2024-09-16 | 7.5 High |
| IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Operations Center for Emergency Management V5.1.0 - V5.1.0.6, and IBM Water Operations for Waternamics V5.1.0 - V5.2.1.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 161201. | ||||
| CVE-2019-17444 | 1 Jfrog | 1 Artifactory | 2024-09-16 | 9.8 Critical |
| Jfrog Artifactory uses default passwords (such as "password") for administrative accounts and does not require users to change them. This may allow unauthorized network-based attackers to completely compromise of Jfrog Artifactory. This issue affects Jfrog Artifactory versions prior to 6.17.0. | ||||
| CVE-2020-25153 | 1 Moxa | 2 Nport Iaw5000a-i\/o, Nport Iaw5000a-i\/o Firmware | 2024-09-16 | 9.8 Critical |
| The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not require users to have strong passwords. | ||||
| CVE-2019-4698 | 1 Ibm | 2 Guardium Data Encryption, Guardium For Cloud Key Management | 2024-09-16 | 7.5 High |
| IBM Security Guardium Data Encryption (GDE) 3.0.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 171929. | ||||
| CVE-2018-1680 | 1 Ibm | 1 Security Privileged Identity Manager | 2024-09-16 | N/A |
| IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 145236. | ||||
| CVE-2021-35498 | 1 Tibco | 2 Ebx, Product And Service Catalog Powered By Tibco Ebx | 2024-09-16 | 9.8 Critical |
| The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, and TIBCO Product and Service Catalog powered by TIBCO EBX contains a vulnerability that under certain specific conditions allows an attacker to enter a password other than the legitimate password and it will be accepted as valid. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.123 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, and 5.9.14, TIBCO EBX: versions 6.0.0 and 6.0.1, and TIBCO Product and Service Catalog powered by TIBCO EBX: version 1.0.0. | ||||
| CVE-2021-20418 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2024-09-16 | 9.8 Critical |
| IBM Security Guardium 11.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 196279. | ||||
| CVE-2019-4067 | 1 Ibm | 3 Intelligent Operations Center, Intelligent Operations Center For Emergency Management, Water Operations For Waternamics | 2024-09-16 | 7.5 High |
| IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 157012. | ||||
| CVE-2019-3758 | 1 Rsa | 1 Archer | 2024-09-16 | 9.8 Critical |
| RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts. | ||||
| CVE-2021-38462 | 1 Inhandnetworks | 2 Ir615, Ir615 Firmware | 2024-09-16 | 9.8 Critical |
| InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 does not enforce an efficient password policy. This may allow an attacker with obtained user credentials to enumerate passwords and impersonate other application users and perform operations on their behalf. | ||||
| CVE-2017-1597 | 1 Ibm | 1 Security Guardium | 2024-09-16 | N/A |
| IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132610. | ||||
| CVE-2023-37503 | 1 Hcltech | 1 Hcl Compass | 2024-09-12 | 8.1 High |
| HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts. | ||||
| CVE-2023-41353 | 1 Nokia | 2 G-040w-q, G-040w-q Firmware | 2024-09-06 | 8.8 High |
| Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regular user privilege can easily infer the administrator password from system information after logging system, resulting in admin access and performing arbitrary system operations or disrupt service. | ||||
| CVE-2023-40539 | 1 Philips | 1 Vue Pacs | 2024-09-05 | 4.4 Medium |
| Philips Vue PACS does not require that users have strong passwords, which could make it easier for attackers to compromise user accounts. | ||||
| CVE-2023-29974 | 1 Pfsense | 1 Pfsense | 2024-09-04 | 9.8 Critical |
| An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements. | ||||
| CVE-2024-1346 | 2024-08-28 | 6.8 Medium | ||
| Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants. | ||||
| CVE-2022-39997 | 1 Teldat | 2 Rs123 Firmware, Rs123w Firmware | 2024-08-28 | 8 High |
| A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote attacker to escalate privileges | ||||