Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digit vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-36895
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: use correct buffer size when parsing configfs lists This commit fixes uvc gadget support on 32-bit platforms. Commit 0df28607c5cb ("usb: gadget: uvc: Generalise helper functions for reuse&q...
NA
CVE-2024-4601
An incorrect authentication vulnerability has been found in Socomec Net Vision affecting version 7.20. This vulnerability allows an malicious user to perform a brute force attack on the application and recover a valid session, because the application uses a five-digit integer val...
NA
CVE-2024-25730
Hitron CODA-4582 and CODA-4589 devices have default PSKs that are generated from 5-digit hex values concatenated with a "Hitron" substring, resulting in insufficient entropy (only about one million possibilities).
NA
CVE-2024-23726
Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six charact...
Ubeeinteractive Ddw365 Firmware -
NA
CVE-2023-40038
Arris DG860A and DG1670A devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. (They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last digit.)
Arris Dg860a Firmware -
Arris Dg1670a Firmware Ts0901203b6 020420 16xx.gw Pc20 Tw
NA
CVE-2023-49949
Passwork prior to 6.2.0 allows remote authenticated users to bypass 2FA by sending all one million of the possible 6-digit codes.
Passwork Passwork
NA
CVE-2023-49790
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. N...
Nextcloud Nextcloud
NA
CVE-2023-43650
JumpServer is an open source bastion host. The verification code for resetting user's password is vulnerable to brute-force attacks due to the absence of rate limiting. JumpServer provides a feature allowing users to reset forgotten passwords. Affected users are sent a 6-dig...
Fit2cloud Jumpserver
NA
CVE-2023-3222
Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote malicious user to change an existing user´s password by adding a 6-digit numeric token. An attacker could create an automatic script to...
Password Recovery Project Password Recovery 1.2
NA
CVE-2023-1285
Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are "16" allows a remote unauthenticated malicious user to cause a denial-of-service (DoS) condition in Ethernet communication by ...
Mitsubishielectric Gc-enet-com Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »