Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-42670
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes ...
Samba Samba
Fedoraproject Fedora 39
NA
CVE-2023-4091
A vulnerability exists in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the ...
Samba Samba
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux Eus 9.0
NA
CVE-2023-20264
A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious...
Cisco Adaptive Security Appliance Software
Cisco Firepower Threat Defense 7.2.4
NA
CVE-2023-5089
The Defender Security WordPress plugin prior to 4.1.0 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled.
Wpmudev Defender Security
NA
CVE-2023-3971
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an malicious user to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise.
Redhat Ansible Automation Controller 4.4
Redhat Ansible Automation Controller
Redhat Ansible Automation Platform 2.3
Redhat Ansible Automation Platform 2.4
Redhat Ansible Developer 1.0
Redhat Ansible Inside 1.1
NA
CVE-2022-4132
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
Dogtagpki Network Security Services For Java
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
NA
CVE-2023-4549
The DoLogin Security WordPress plugin prior to 3.7 does not properly sanitize IP addresses coming from the X-Forwarded-For header, which can be used by malicious users to conduct Stored XSS attacks via WordPress' login form.
Wpdo5ea Dologin Security
1 Github repository
NA
CVE-2020-11711
An issue exists in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin panel. The resulting file is rendered on the authentication interface of the admin panel. It i...
Stormshield Stormshield Network Security
NA
CVE-2023-20168
A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local malicious user to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication ...
Cisco Nx-os 9.3\\(11\\)
Cisco Nx-os 10.2\\(5\\)
Cisco Nx-os -
NA
CVE-2023-39343
Sulu is an open-source PHP content management system based on the Symfony framework. It allows over the Admin Login form to detect which user (username, email) exists and which one do not exist. Sulu Installation not using the old Symfony 5.4 security System and previous version ...
Sulu Sulu
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »