Vulmon
brute force vulnerabilities and exploits
7.5
CVSSv2
CVE-2000-1033
Serv-U FTP Server allows remote malicious users to bypass its anti-hammering feature by first logging on as a valid user (possibly anonymous) and then attempting to guess the passwords of other users.
Cat Soft Serv-u 2.5x
1 EDB exploit
2 Github repositories
5
CVSSv2
CVE-2001-1338
Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote malicious users to determine accounts on the system.
Beck Ipc Gmbh Ipc At Chip Telnetd Server
4.3
CVSSv2
CVE-2018-5389
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known that the aggressive mode of IKEv1 PSK is vulner...
Ietf Internet Key Exchange 1.0
10
CVSSv2
CVE-2004-0524
Buffer overflow in the chpasswd command in the Change_passwd plugin prior to 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.
2 EDB exploits
6.8
CVSSv2
CVE-2009-4907
Multiple cross-site request forgery (CSRF) vulnerabilities in oBlog allow remote malicious users to hijack the authentication of administrators for requests that (1) change the admin password, (2) force an admin logout, (3) change the visibility of posts, (4) remove links, and (5...
Dootzky Oblog
1 EDB exploit
4.3
CVSSv2
CVE-2009-4908
Multiple cross-site scripting (XSS) vulnerabilities in oBlog allow remote malicious users to inject arbitrary web script or HTML via the (1) commentName, (2) commentEmail, (3) commentWeb, or (4) commentText parameter to article.php; and allow remote authenticated administrators t...
Dootzky Oblog
1 EDB exploit
5.8
CVSSv2
CVE-2011-5053
The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote malicious users to discover the PIN value, and consequently discover...
Wi-fi Wifi Protected Setup Protocol
1 EDB exploit
5
CVSSv2
CVE-2014-5381
Grand MA 300 allows a brute-force attack on the PIN.
Granding Grand Ma300 Firmware 6.60
1 EDB exploit
4.3
CVSSv2
CVE-2008-3280
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact that almost all SSL/TLS ...
Openid Openid -
1 EDB exploit
6.4
CVSSv2
CVE-2012-3137
The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote malicious users to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to c...
Oracle Database Server 10.2.0.3
Oracle Database Server 10.2.0.4
Oracle Database Server 10.2.0.5
Oracle Database Server 11.1.0.7
Oracle Database Server 11.2.0.2
Oracle Database Server 11.2.0.3
Oracle Primavera P6 Enterprise Project Portfolio Management 8.4
Oracle Primavera P6 Enterprise Project Portfolio Management 8.2
Oracle Primavera P6 Enterprise Project Portfolio Management 8.3
1 EDB exploit
2 Nmap scripts
4 Github repositories