Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
accounts vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-2897
Sierra Wireless ALEOS prior to 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote malicious users to obtain administrative access via a (1) SSH or (2) TELNET session.
Sierrawireless Aleos
7.5
CVSSv2
CVE-2017-8013
EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon&quo...
Emc Data Protection Advisor 6.4.0
Emc Data Protection Advisor 6.3.0
NA
CVE-2022-32507
An issue exists on certain Nuki Home Solutions devices. Some BLE commands, which should have been designed to be only called from privileged accounts, could also be called from unprivileged accounts. This demonstrates that no access controls were implemented for the different BLE...
5
CVSSv2
CVE-2016-2358
Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts.
Milesight Ip Security Camera Firmware
5
CVSSv2
CVE-2019-19844
Django prior to 1.11.27, 2.x prior to 2.2.9, and 3.x prior to 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an malicious user to be sent a passwo...
Djangoproject Django
Djangoproject Django 3.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
7 Github repositories
6.8
CVSSv2
CVE-2012-6631
Cross-site request forgery (CSRF) vulnerability in accounts/admin/index.php in Vessio NetBill 1.2 allows remote malicious users to hijack the authentication of administrators for requests that add accounts via a new-client action.
Vessio Netbill 1.2
4.6
CVSSv2
CVE-2000-0433
The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles.
Suse Suse Linux 6.1
Suse Suse Linux 6.3
Suse Suse Linux 6.4
Suse Suse Linux 6.2
2.1
CVSSv2
CVE-2005-2509
Unknown vulnerability in loginwindow in Mac OS X 10.4.2 and previous versions, when Fast User Switching is enabled, allows malicious users to log into other accounts if they know the passwords to at least two accounts.
Apple Mac Os X 10.0
Apple Mac Os X 10.0.1
Apple Mac Os X 10.0.2
Apple Mac Os X 10.2.5
Apple Mac Os X 10.2.6
Apple Mac Os X 10.2.7
Apple Mac Os X 10.2.8
Apple Mac Os X Server 10.0
Apple Mac Os X Server 10.1
Apple Mac Os X Server 10.1.1
Apple Mac Os X Server 10.1.2
Apple Mac Os X Server 10.3
Apple Mac Os X Server 10.3.1
Apple Mac Os X Server 10.3.2
Apple Mac Os X Server 10.3.3
Apple Mac Os X Server 10.3.4
Apple Mac Os X 10.1.3
Apple Mac Os X 10.1.4
Apple Mac Os X 10.1.5
Apple Mac Os X 10.2
Apple Mac Os X 10.3.4
Apple Mac Os X 10.3.5
7.5
CVSSv2
CVE-2005-1284
The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote malicious users to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request.
Argosoft Argosoft Mail Server 1.8.7.6
6
CVSSv2
CVE-2019-2386
After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones. This issue affects MongoDB Server v4.0 versi...
Mongodb Mongodb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »