Vulnerabilities > Weak Password Requirements
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-20 | CVE-2025-1474 | Weak Password Requirements vulnerability in Lfprojects Mlflow In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. | 5.5 |
| 2025-03-01 | CVE-2024-41778 | IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 5.3 |
| 2025-02-16 | CVE-2025-1341 | A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. | 3.7 |
| 2025-01-29 | CVE-2023-35907 | Weak Password Requirements vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 9.8 |
| 2025-01-29 | CVE-2023-37398 | Weak Password Requirements vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 9.8 |
| 2024-10-10 | CVE-2024-22068 | Weak Password Requirements vulnerability in ZTE products Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series: V4.00.10 and earlier. | 6.5 |
| 2024-10-09 | CVE-2024-7293 | Weak Password Requirements vulnerability in Progress Telerik Reporting In Progress® Telerik® Report Server versions prior to 2024 Q3 (10.2.24.806), a password brute forcing attack is possible through weak password requirements. | 8.8 |
| 2024-09-26 | CVE-2024-47121 | Weak Password Requirements vulnerability in Gotenna PRO The goTenna Pro App uses a weak password for sharing encryption keys via the key broadcast method. | 5.3 |
| 2024-09-22 | CVE-2024-47221 | Weak Password Requirements vulnerability in Rapidscada Rapid Scada CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. | 7.5 |
| 2024-09-12 | CVE-2021-38133 | Weak Password Requirements vulnerability in Microfocus Edirectory Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. | 6.5 |