Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login security vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2013-2198
The Login Security module 6.x-1.x prior to 6.x-1.3 and 7.x-1.x prior to 7.x-1.3 for Drupal allows malicious users to bypass intended restrictions via a crafted username.
Login Security Project Login Security
Login Security Project Login Security 6.x-1.0
Login Security Project Login Security 6.x-1.x
Login Security Project Login Security 7.x-1.x
6.2
CVSSv3
CVE-2021-24328
The WP Login Security and History WordPress plugin up to and including 1.0 did not have CSRF check when saving its settings, not any sanitisation or validation on them. This could allow malicious users to make logged in administrators change the plugin's settings to arbitrar...
Clogica Wp Login Security And History
8.8
CVSSv3
CVE-2023-37946
Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and previous versions does not invalidate the previous session on login.
Jenkins Openshift Login
6.1
CVSSv3
CVE-2023-37947
Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and previous versions improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing malicious users to perform phishing attacks.
Jenkins Openshift Login
6.4
CVSSv3
CVE-2022-23719
PingID Windows Login before 2.8 does not authenticate communication with a local Java service used to capture security key requests. An attacker with the ability to execute code on the target machine maybe able to exploit and spoof the local Java service using multiple attack vec...
Pingidentity Pingid Integration For Windows Login
5.5
CVSSv3
CVE-2022-23717
PingID Windows Login before 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication.
Pingidentity Pingid Integration For Windows Login
7.5
CVSSv3
CVE-2020-3168
A vulnerability in the Secure Login Enhancements capability of Cisco Nexus 1000V Switch for VMware vSphere could allow an unauthenticated, remote malicious user to cause an affected Nexus 1000V Virtual Supervisor Module (VSM) to become inaccessible to users through the CLI. The v...
Cisco Nx-os 5.2\\(1\\)sv3\\(4.1a\\)
NA
CVE-2012-5055
DaoAuthenticationProvider in VMware SpringSource Spring Security prior to 2.0.8, 3.0.x prior to 3.0.8, and 3.1.x prior to 3.1.3 does not check the password if the user is not found, which makes the response delay shorter and might allow remote malicious users to enumerate valid u...
Vmware Springsource Spring Security 2.0.1
Vmware Springsource Spring Security 2.0.2
Vmware Springsource Spring Security 2.0.3
Vmware Springsource Spring Security 2.0.4
Vmware Springsource Spring Security 2.0.0
Vmware Springsource Spring Security 2.0.5
Vmware Springsource Spring Security
Vmware Springsource Spring Security 3.0.1
Vmware Springsource Spring Security 3.0.2
Vmware Springsource Spring Security 3.0.3
Vmware Springsource Spring Security 3.0.4
Vmware Springsource Spring Security 3.0.0
Vmware Springsource Spring Security 3.0.5
Vmware Springsource Spring Security 3.1.2
Vmware Springsource Spring Security 3.1.1
NA
CVE-2012-1288
The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote malicious users to obtain access via an HTTP session.
Utc Utc Fire \\& Security Ge-mc100-ntp\\/gps-zb Master Clock Device -
5.3
CVSSv3
CVE-2020-4186
IBM Security Guardium 10.5, 10.6, and 11.1 could disclose sensitive information on the login page that could aid in further attacks against the system. IBM X-Force ID: 174804.
Ibm Security Guardium 10.5
Ibm Security Guardium 10.6
Ibm Security Guardium 11.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »