Jfrog Artifactory uses default passwords (such as "password") for administrative accounts and d…

Davolink DVW-3200N all version prior to Version 1.00.06. The device generates a weak password h…

RuggedCom Rugged Operating System (ROS) before 3.3 has a factory account with a password derive…

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use…

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 84…

CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_…

TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the…

RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows…

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an …

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting…

BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.

The Epson "EasyMP" software is designed to remotely stream a users computer to supporting proje…

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attac…

In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote attac…

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that c…

A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLog…

Versions of the Official registry Docker images through 2.7.0 contain a blank password for the …

IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not …

Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating Sys…

Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud E…

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not require that users should hav…

Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.

IBM Security Identity Manager 6.0.0 does not require that users should have strong passwords by…

IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Mo…

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firm…

A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the cl…

IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by de…

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The password for th…

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 d…

Siyucms v6.1.7 was discovered to contain a remote code execution (RCE) vulnerability in the bac…

Weak default root user credentials allow remote attackers to easily obtain OS superuser privile…

Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage o…

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative pa…

An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts vi…

Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDAT…

An issue was discovered in SMA Solar Technology products. All inverters have a very weak passwo…

A weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP por…

The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authen…

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have stron…

This vulnerability allows remote attackers to disclose sensitive information on affected instal…