Low
CVE-2026-10169
A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajax_forgot_pa…
Tag: Weak Credentials
All CVEs associated with "Weak Credentials". Page 1/2 • 181 CVEs.
Subscribe CVEs: RSS for “Weak Credentials” · RSS (High+Critical only)
About “Weak Credentials”
A curated feed of “Weak Credentials”-related CVEs appears below. We currently track 181 CVEs for this tag (all time). In the last 365 days, 46 were published. Average CVSS is 7.1 (all time; 6.0 over 365d), and 56% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-640 - Weak Password Recovery Mechanism for Forgotten Password, CWE-521 - Weak Password Requirements, CWE-916 - Use of Password Hash With Insufficient Computational Effort.
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2026-05-31
2026-05-27
Medium
CVE-2026-9609
A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remot…
2026-05-25
Medium
CVE-2026-9466
A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoin…
2026-05-24
Low
CVE-2026-9394
A vulnerability was determined in Besen BS20 EV Charging Station up to 20260426. This impacts an unknown function of the component Bluetooth Low Energy Handler. Executing a manipulation can lead to w…
2026-05-22
Medium
CVE-2026-25607
Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after analyzing how passwords with known values are encoded. This issue was fixed in version…
2026-05-09
Medium
CVE-2026-7652
The LatePoint plugin for WordPress is vulnerable to Account Takeover via Weak Password Recovery Mechanism in the unauthenticated guest booking flow in versions up to, and including, 5.5.0 This is due…
2026-05-01
Medium
CVE-2026-7554
A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes weak password recovery. The attac…
2026-04-16
Medium
CVE-2025-36579
Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leadi…
2026-04-09
High
CVE-2026-33771
A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local acc…
2026-03-26
Medium
CVE-2025-55269
HCL Aftermarket DPC is affected by Weak Password Policy vulnerability, which makes it easier for attackers to guess weak passwords or use brute-force techniques to gain unauthorized access to user ac…
2026-02-21
Low
CVE-2026-2895
A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argumen…
2026-02-16
High
CVE-2026-2564
A security flaw has been discovered in Intelbras VIP 3260 Z IA 2.840.00IB005.0.T. Affected by this vulnerability is an unknown functionality of the file /OutsideCmd. The manipulation results in weak…
2026-01-25
Low
CVE-2026-1408
A weakness has been identified in Beetel 777VR1 up to 01.00.09/01.00.09_55. This vulnerability affects unknown code of the component UART Interface. Executing a manipulation can lead to weak password…
2026-01-23
Critical
CVE-2025-4320
Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass…
Critical
CVE-2025-4319
Improper Restriction of Excessive Authentication Attempts, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Brute…
2026-01-22
Medium
CVE-2026-1325
A security flaw has been discovered in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function edit_pwd_mall of the file /fort/login/edit_pwd_mall. The ma…
2026-01-19
Low
CVE-2025-55252
HCL AION version 2 is affected by a Weak Password Policy vulnerability. This can allow the use of easily guessable passwords, potentially resulting in unauthorized access
2025-12-31
Low
CVE-2025-15398
A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token Handler. S…
2025-12-16
Medium
CVE-2025-13532
Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9…
2025-12-15
Medium
CVE-2025-14696
A vulnerability was identified in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this vulnerability is an unknown functionality of the file /api/GylOpe…
2025-12-12
Medium
CVE-2025-23408
Weak Password Requirements vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.10.1. The issue is fixed in version 1.11.0. Users are encouraged to upgrade to version 1.1…
2025-12-09
Medium
CVE-2025-41692
A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak password generation algorithm.
2025-11-23
Medium
CVE-2025-13565
A weakness has been identified in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the file /model/user/resetPassword.php. Executing manipulation can lea…
2025-11-18
Low
CVE-2025-65014
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Prior to version 25.11.0, a weak password policy vulnerability was identified in the user management functionality of the…
2025-11-15
High
CVE-2025-55034
General Industrial Controls Lynx+ Gateway is vulnerable to a weak password requirement vulnerability, which may allow an attacker to execute a brute-force attack resulting in unauthorized access an…
2025-11-14
High
CVE-2025-8855
Authorization Bypass Through User-Controlled Key, Weak Password Recovery Mechanism for Forgotten Password, Authentication Bypass by Assumed-Immutable Data vulnerability in Optimus Software Brokerage…
2025-11-10
Critical
CVE-2025-12866
EIP Plus developed by Hundred Plus has a Weak Password Recovery Mechanism vulnerability, allowing unauthenticated remote attacker to predict or brute-force the 'forgot password' link, thereby success…
2025-10-29
Critical
CVE-2025-11200
MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not r…
2025-10-27
Critical
CVE-2025-12364
Weak Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
2025-10-24
High
CVE-2025-60954
Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including sin…
2025-10-23
High
CVE-2025-61977
A weak password recovery mechanism for forgotten password vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an attacker to decrypt an encrypted p…
2025-10-16
Medium
CVE-2025-61330
A hard-coded weak password vulnerability has been discovered in all Magic-branded devices from Chinese network equipment manufacturer H3C. The vulnerability stems from the use of a hard-coded weak pa…
2025-10-06
Low
CVE-2025-11322
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the ar…
2025-09-29
High
CVE-2025-41251
VMware NSX contains a weak password recovery mechanism vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially enabling brute-force attacks. Impa…
2025-09-12
Medium
CVE-2025-10322
A vulnerability has been found in Wavlink WL-WN578W2 221110. The affected element is an unknown function of the file /sysinit.html. The manipulation of the argument newpass/confpass leads to weak pas…
Low
CVE-2025-10320
A vulnerability was detected in iteachyou Dreamer CMS up to 4.1.3.2. This issue affects some unknown processing of the file /admin/user/updatePwd. Performing manipulation results in weak password req…
2025-09-09
Critical
CVE-2025-32486
Weak Password Recovery Mechanism for Forgotten Password vulnerability in Hossein Material Dashboard material-dashboard.This issue affects Material Dashboard: from n/a through <= 1.4.6.
2025-08-27
Low
CVE-2025-9514
A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be…
2025-08-05
Low
CVE-2025-8549
A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.…
2025-07-26
Medium
CVE-2025-8182
A vulnerability has been found in Tenda AC18 15.03.05.19 and classified as problematic. This vulnerability affects unknown code of the file /etc_ro/smb.conf of the component Samba. The manipulation l…
2025-07-22
Medium
CVE-2025-7948
A vulnerability classified as problematic was found in jshERP up to 3.5. Affected by this vulnerability is an unknown functionality of the file /jshERP-boot/user/updatePwd. The manipulation leads to…
2025-07-20
Low
CVE-2025-7881
A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulati…
2025-07-10
Medium
CVE-2025-5022
Weak Password Requirements vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the…
2025-06-23
High
CVE-2025-27387
OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure.
2025-06-13
Critical
CVE-2025-28389
Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a brute force attack.
2025-06-12
Medium
CVE-2025-49197
The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account.
2025-05-23
Critical
CVE-2025-47646
Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration psw-login-and-registration allows Password Recovery Exploitation.This…
2025-05-22
Medium
CVE-2024-51552
Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: throu…
2025-05-13
High
CVE-2025-24007
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions), SIRIUS Safety Relays 3SK2 (All versions). Affected devices only provide weak password obfuscation. An at…
2025-05-11
Low
CVE-2025-4534
A vulnerability, which was classified as problematic, has been found in SunGrow Logger1000 01_A. This issue affects some unknown processing. The manipulation leads to weak password requirements. The…
2025-04-17
Critical
CVE-2025-31380
Weak Password Recovery Mechanism for Forgotten Password vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Password Recovery Exploitation.This issue affects Paid Videoc…
2025-03-31
Critical
CVE-2025-25211
Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a brute-force attack may allow an attacker unauthorized access and login.
2025-03-28
High
CVE-2025-2862
SaTECH BCU, in its firmware version 2.1.3, performs weak password encryption. This allows an attacker with access to the device's system or website to obtain the credentials, as the storage methods u…
2025-03-10
Medium
CVE-2024-12604
Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Re…
2025-03-07
Low
CVE-2025-2093
A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /change-passw…
2025-03-05
Critical
CVE-2025-27663
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007.
2025-02-28
Medium
CVE-2025-27408
Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher…
2025-02-16
Low
CVE-2025-1341
A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. This affects an unknown part of the component Setting Handler. The manipulation leads to weak password requirements. It…
2025-02-07
High
CVE-2024-52884
An issue was discovered in AudioCodes Mediant Session Border Controller (SBC) before 7.40A.501.841. Due to the use of weak password obfuscation/encryption, an attacker with access to configuration ex…
2025-01-09
Medium
CVE-2025-0331
A vulnerability, which was classified as critical, has been found in YunzMall up to 2.4.2. This issue affects the function changePwd of the file /app/platform/controllers/ResetpwdController.php of th…
2024-12-05
Critical
CVE-2024-48845
Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access. Affected products: ABB…
2024-11-26
High
CVE-2024-52008
Fides is an open-source privacy engineering platform. The user invite acceptance API endpoint lacks server-side password policy enforcement, allowing users to set arbitrarily weak passwords by bypass…
2024-11-01
Medium
CVE-2024-51398
Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Management Weak password leakage in the background may lead to unauthorized access, data theft, and network attacks, seriously threa…
2024-10-13
Low
CVE-2024-9907
A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file /qilecms/user/controller/Forget.php of the component Verifica…
2024-10-09
High
CVE-2024-7293
In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements.
2024-09-26
Medium
CVE-2024-47121
The goTenna Pro App uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute force att…
Medium
CVE-2024-45374
The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute f…
2024-09-11
Medium
CVE-2024-8692
A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password recovery. The at…
2024-08-27
High
CVE-2022-39997
A weak password requirement issue was discovered in Teldats Router RS123, RS123w allows a remote attacker to escalate privileges
2024-07-30
High
CVE-2024-23091
Weak password hashing using MD5 in funzioni.php in HotelDruid before 1.32 allows an attacker to obtain plaintext passwords from hash values.
2024-06-11
High
CVE-2023-7264
The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.22. This makes it possible for unauthentic…
2024-06-03
Critical
CVE-2024-5404
An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery mechanism.
2024-05-14
Critical
CVE-2024-3263
YMS VIS Pro is an information system for veterinary and food administration, veterinarians and farm. Due to a combination of improper method for system credentials generation and weak password policy…
2024-04-13
Low
CVE-2024-3735
A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic. Affected is an unknown function of the file Main.aspx. The manipulation of the argument New Password/C…
2024-03-21
High
CVE-2024-2463
Weak password recovery mechanism in CDeX application allows to retrieve password reset token.This issue affects CDeX application versions through 5.7.1.
2024-03-01
High
CVE-2024-24903
Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially expl…
2024-02-13
High
CVE-2024-22454
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this…
2024-01-30
Medium
CVE-2024-0676
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retri…
2024-01-13
Medium
CVE-2024-0491
A vulnerability classified as problematic has been found in Huaxia ERP up to 3.1. Affected is an unknown function of the file src/main/java/com/jsh/erp/controller/UserController.java. The manipulatio…
2024-01-11
Medium
CVE-2024-0425
A vulnerability classified as critical was found in ForU CMS up to 2020-06-23. This vulnerability affects unknown code of the file /admin/index.php?act=reset_admin_psw. The manipulation leads to weak…
2024-01-09
Low
CVE-2024-0347
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file signup_teacher.php. The manipulation of t…
2024-01-02
Low
CVE-2024-0188
A vulnerability, which was classified as problematic, was found in RRJ Nueva Ecija Engineer Online Portal 1.0. This affects an unknown part of the file change_password_teacher.php. The manipulation l…
Low
CVE-2024-0186
A vulnerability classified as problematic has been found in HuiRan Host Reseller System up to 2.0.0. Affected is an unknown function of the file /user/index/findpass?do=4 of the component HTTP POST R…
2023-12-22
Low
CVE-2023-7053
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /user/signup.php. The manipulation le…
2023-11-28
Low
CVE-2023-29062
The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user action without adequately validating the identity of the requested res…
2023-11-11
Medium
CVE-2023-5959
A vulnerability, which was classified as problematic, was found in Byzoro Smart S85F Management Platform V31R02B10-01. Affected is an unknown function of the file /login.php. The manipulation of the…
2023-11-08
Critical
CVE-2023-29974
An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements.
2023-11-03
High
CVE-2023-41353
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regular user privilege can easily infer the administrator password from system information af…
2023-10-29
High
CVE-2023-5840
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9.
2023-09-29
Medium
CVE-2023-5296
A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic. Affected by this issue is some unknown functionality of the file api.php?m=reimplat&a=index of the compone…
2023-09-27
Medium
CVE-2023-41878
MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing and performance testing. The Selenium VNC config used in Met…
2023-09-19
High
CVE-2023-4096
Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea version 1.5.0.0, which exploitation could allow an attacker to perform a brute force attack on the emailed PIN number in order…
2023-09-14
Critical
CVE-2023-37756
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creation. Attackers are able to easily guess users' passwords via a bruteforce attack.
2023-09-07
High
CVE-2023-34357
Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been re…
2023-08-21
Medium
CVE-2023-4448
A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. This issue affects some unknown processing of the file admin/run-movepass.php. The manipulation of the argument passw…
2023-08-03
High
CVE-2023-4125
Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0.
2023-06-27
High
CVE-2023-3423
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0.
2023-06-02
High
CVE-2023-2060
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allow…
2023-05-31
Medium
CVE-2023-3007
A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file resetPassword.php of the compone…
2023-05-22
Critical
CVE-2023-31098
Weak Password Requirements vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.6.0. When users change their password to a simple passwor…
2023-04-28
Critical
CVE-2023-30466
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC), due to a weak password reset mechanism at the Milesight NV…
2023-04-18
Medium
CVE-2023-2160
Weak Password Requirements in GitHub repository modoboa/modoboa prior to 2.1.0.
2023-04-15
Critical
CVE-2023-2106
Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20.
2023-03-31
Medium
CVE-2023-1753
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
2023-02-12
High
CVE-2023-0793
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
2023-02-02
Low
CVE-2023-0641
A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepasswo…
2023-01-31
Medium
CVE-2022-40258
AMI Megarac Weak password hashes for Redfish & API
2023-01-30
Critical
CVE-2022-32513
A CWE-521: Weak Password Requirements vulnerability exists that could allow an attacker to gain control of the device when the attacker brute forces the password. Affected Products: C-Bus Network Aut…
2023-01-29
Medium
CVE-2023-0569
Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10.
Medium
CVE-2023-0564
Weak Password Requirements in GitHub repository froxlor/froxlor prior to 2.0.10.
2023-01-19
Low
CVE-2015-10071
A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as problematic. This issue affects some unknown processing of the file kernel/user/forgotpassword.php. The manipu…
2023-01-15
Critical
CVE-2023-0307
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
2023-01-02
Medium
CVE-2023-22451
Kiwi TCMS is an open source test management system. In version 11.6 and prior, when users register new accounts and/or change passwords, there is no validation in place which would prevent them from…
2022-12-26
High
CVE-2022-26964
Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows information disclosure via a password brute-force attack. An error caused base64 to be decoded.
2022-12-15
Critical
CVE-2022-44236
Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) has a Weak password vulnerability.
2022-12-02
Critical
CVE-2022-45482
Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary comman…
2022-10-29
Critical
CVE-2022-3754
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
2022-10-06
Medium
CVE-2022-3376
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
2022-09-29
Medium
CVE-2022-3326
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9.
2022-09-22
Critical
CVE-2022-3268
Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2.