Vulnerabilities > Weak Password Recovery Mechanism for Forgotten Password
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-01 | CVE-2019-14955 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains HUB In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented. | 5.3 |
| 2019-09-10 | CVE-2019-12943 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Ttlock TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names. | 8.1 |
| 2019-07-10 | CVE-2019-13240 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Glpi-Project Glpi An issue was discovered in GLPI before 9.4.1. | 5.9 |
| 2019-06-21 | CVE-2019-10270 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Ultimatemember Ultimate Member An arbitrary password reset issue was discovered in the Ultimate Member plugin 2.39 for WordPress. | 8.8 |
| 2019-06-19 | CVE-2019-3787 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Pivotal Software Cloud Foundry Uaa-Release Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending “unknown.org” to a user's email address when one is not provided and the user name does not contain an @ character. | 8.8 |
| 2019-06-17 | CVE-2019-12476 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Zohocorp Manageengine Adselfservice Plus 4.5/5.0 An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. | 6.8 |
| 2019-05-02 | CVE-2018-16988 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Xdmod Open Xdmod An issue was discovered in Open XDMoD through 7.5.0. | 9.8 |
| 2019-04-22 | CVE-2019-11414 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Intelbras IWR 3000N Firmware 1.5.0 An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. | 8.8 |
| 2019-04-22 | CVE-2019-11393 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tildeslash Monit An issue was discovered in /admin/users/update in M/Monit before 3.7.3. | 9.8 |
| 2019-04-17 | CVE-2019-10641 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Contao CMS Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password. | 9.8 |