Total: 195 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-3268 | 1 Ikus-soft | 1 Minarca | 2024-08-03 | 9.8 Critical |
Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2. | ||||
CVE-2022-3179 | 1 Ikus-soft | 1 Rdiffweb | 2024-08-03 | 8.8 High |
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2. | ||||
CVE-2022-2927 | 1 Notrinos | 1 Notrinoserp | 2024-08-03 | 9.8 Critical |
Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7. | ||||
CVE-2022-2098 | 1 Kromit | 1 Titra | 2024-08-03 | 9.8 Critical |
Weak Password Requirements in GitHub repository kromitgmbh/titra prior to 0.78.1. | ||||
CVE-2022-1775 | 1 Trudesk Project | 1 Trudesk | 2024-08-03 | 9.8 Critical |
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. | ||||
CVE-2022-1236 | 1 Weseek | 1 Growi | 2024-08-02 | 6.5 Medium |
Weak Password Requirements in GitHub repository weseek/growi prior to v5.0.0. | ||||
CVE-2023-50305 | 1 Ibm | 2 Engineering Requirements Management Doors, Engineering Requirements Management Doors Web Access | 2024-08-02 | 5.1 Medium |
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 273336. | ||||
CVE-2023-43016 | 1 Ibm | 2 Security Verify Access, Security Verify Access Docker | 2024-08-02 | 7.3 High |
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote user to log into the server due to a user account with an empty password. IBM X-Force ID: 266154. | ||||
CVE-2023-41923 | | | 2024-08-02 | 7.2 High |
The user management section of the web application permits the creation of user accounts with excessively weak passwords, including single-character passwords. | ||||
CVE-2023-38369 | 1 Ibm | 1 Security Access Manager Container | 2024-08-02 | 6.2 Medium |
IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 does not require that docker images should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 261196. | ||||
CVE-2023-34240 | 1 Fit2cloud | 1 Cloudexplorer Lite | 2024-08-02 | 6.5 Medium |
Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force attacks. This can lead to an authentication system failure and compromise system security. Versions of cloudexplorer-lite prior to 1.2.0 did not enforce strong passwords. This vulnerability has been fixed in version 1.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
CVE-2023-25184 | 1 Seiko-sol | 6 Skybridge Basic Mb-a130, Skybridge Basic Mb-a130 Firmware, Skybridge Mb-a200 and 3 more | 2024-08-02 | 7.5 High |
Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product. Affected products and versions are as follows: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, and SkySpider MB-R210 firmware Ver. 1.01.00 and earlier. | ||||
CVE-2023-25072 | 1 Seiko-sol | 4 Skybridge Mb-a100, Skybridge Mb-a100 Firmware, Skybridge Mb-a110 and 1 more | 2024-08-02 | 7.5 High |
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product. | ||||
CVE-2023-24049 | 1 Connectize | 2 Ac21000 G6, Ac21000 G6 Firmware | 2024-08-02 | 9.8 Critical |
An issue discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management. | ||||
CVE-2023-22451 | 1 Kiwitcms | 1 Kiwi Tcms | 2024-08-02 | 6.5 Medium |
Kiwi TCMS is an open source test management system. In version 11.6 and prior, when users register new accounts and/or change passwords, there is no validation in place which would prevent them from picking an easy to guess password. This issue is resolved by providing defaults for the `AUTH_PASSWORD_VALIDATORS` configuration setting. As of version 11.7, the password can’t be too similar to other personal information, must contain at least 10 characters, can’t be a commonly used password, and can’t be entirely numeric. As a workaround, an administrator may reset all passwords in Kiwi TCMS if they think a weak password may have been chosen. | ||||
CVE-2023-7053 | 1 Phpgurukul | 1 Online Notes Sharing System | 2024-08-02 | 3.1 Low |
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /user/signup.php. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248740. | ||||
CVE-2023-3423 | 1 Fit2cloud | 1 Cloudexplorer Lite | 2024-08-02 | 8.8 High |
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0. | ||||
CVE-2023-2160 | 1 Modoboa | 1 Modoboa | 2024-08-02 | 6.3 Medium |
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0. | ||||
CVE-2023-2106 | 1 Calibre-web Project | 1 Calibre-web | 2024-08-02 | 9.8 Critical |
Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20. | ||||
CVE-2023-2060 | 1 Mitsubishielectric | 8 Fx5-enet/ip, Fx5-enet/ip Firmware, Rj71eip91 and 5 more | 2024-08-02 | 7.5 High |
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access the module via FTP by dictionary attack or password sniffing. | ||||