Total
192 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-1570 | 2025-02-28 | N/A | 8.1 HIGH | ||
| The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 8.1. This is due to the directorist_generate_password_reset_pin_code() and reset_user_password() functions not having enough controls to prevent a successful brute force attack of the OTP to change a password, or verify that a password reset request came from an authorized user. This makes it possible for unauthenticated attackers to generate and brute force an OTP that makes it possible to change any users passwords, including an administrator. | |||||
| CVE-2022-45637 | 1 Megafeis | 1 Bofei Dbd\+ | 2025-02-26 | N/A | 9.8 CRITICAL |
| An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 service via insecure expiry mechanism. | |||||
| CVE-2023-7264 | 1 Buildapp | 1 Build App Online | 2025-02-05 | N/A | 8.1 HIGH |
| The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.21. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing an 4-digit numeric reset code. | |||||
| CVE-2021-36436 | 1 Mobicint | 1 Mobicint | 2025-02-05 | N/A | 5.3 MEDIUM |
| An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint. | |||||
| CVE-2023-31287 | 1 Serenity | 2 Serene, Startsharp | 2025-01-31 | N/A | 7.8 HIGH |
| An issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. Password reset links are sent by email. A link contains a token that is used to reset the password. This token remains valid even after the password reset and can be used a second time to change the password of the corresponding user. The token expires only 3 hours after issuance and is sent as a query parameter when resetting. An attacker with access to the browser history can thus use the token again to change the password in order to take over the account. | |||||
| CVE-2023-31459 | 1 Mitel | 1 Mivoice Connect | 2025-01-31 | N/A | 8.8 HIGH |
| A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and earlier could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because the initial installation does not enforce a password change. A successful exploit could allow an attacker to make arbitrary configuration changes and execute arbitrary commands. | |||||
| CVE-2023-28821 | 1 Concretecms | 1 Concrete Cms | 2025-01-30 | N/A | 5.3 MEDIUM |
| Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets. | |||||
| CVE-2018-8916 | 1 Synology | 1 Diskstation Manager | 2025-01-14 | 4.0 MEDIUM | 6.3 MEDIUM |
| Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to reset password without verification. | |||||
| CVE-2025-0331 | 2025-01-09 | 5.0 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability, which was classified as critical, has been found in YunzMall up to 2.4.2. This issue affects the function changePwd of the file /app/platform/controllers/ResetpwdController.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to weak password recovery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-11350 | 2025-01-08 | N/A | 9.8 CRITICAL | ||
| The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's identity prior to updating their password through the adforest_reset_password() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. | |||||
| CVE-2023-7028 | 1 Gitlab | 1 Gitlab | 2024-12-20 | N/A | 10.0 CRITICAL |
| An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address. | |||||
| CVE-2024-53552 | 2024-12-11 | N/A | 9.8 CRITICAL | ||
| CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover. | |||||
| CVE-2024-47547 | 1 Ruijienetworks | 1 Reyee Os | 2024-12-10 | N/A | 9.4 CRITICAL |
| Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a weak mechanism for its users to change their passwords which leaves authentication vulnerable to brute force attacks. | |||||
| CVE-2022-42807 | 1 Apple | 1 Macos | 2024-12-06 | N/A | 4.3 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. A user may accidentally add a participant to a Shared Album by pressing the Delete key | |||||
| CVE-2023-28202 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-12-05 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app firewall setting may not take effect after exiting the Settings app. | |||||
| CVE-2024-24903 | 1 Dell | 1 Secure Connect Gateway | 2024-12-05 | N/A | 8.0 HIGH |
| Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change. | |||||
| CVE-2023-29145 | 1 Malwarebytes | 2 Endpoint Detection And Response, Malwarebytes | 2024-11-26 | N/A | 7.8 HIGH |
| The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger. | |||||
| CVE-2023-36487 | 1 Ilias | 1 Ilias | 2024-11-26 | N/A | 9.8 CRITICAL |
| The password reset function in ILIAS 7.0_beta1 through 7.20 and 8.0_beta1 through 8.1 allows remote attackers to take over the account. | |||||
| CVE-2021-22763 | 1 Schneider-electric | 10 Powerlogic Pm5560, Powerlogic Pm5560 Firmware, Powerlogic Pm5561 and 7 more | 2024-11-24 | 10.0 HIGH | 9.8 CRITICAL |
| A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version infromation) that could allow an attacker administrator level access to a device. | |||||
| CVE-2024-5404 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery mechanism. | |||||