Vulnerabilities > Weak Password Requirements

DATE CVE VULNERABILITY TITLE RISK
2025-05-11 CVE-2025-4534 A vulnerability, which was classified as problematic, has been found in SunGrow Logger1000 01_A.
network
high complexity
CWE-521
3.7
2025-05-09 CVE-2025-1993 IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user.
local
high complexity
CWE-521
5.1
2025-05-08 CVE-2025-26847 Weak Password Requirements vulnerability in Znuny
An issue was discovered in Znuny before 7.1.5.
network
low complexity
znuny CWE-521
7.5
2025-04-14 CVE-2023-27272 IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system.
network
high complexity
CWE-521
3.1
2025-03-20 CVE-2025-1474 Weak Password Requirements vulnerability in Lfprojects Mlflow
In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password.
network
low complexity
lfprojects CWE-521
5.5
2025-03-01 CVE-2024-41778 IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
high complexity
CWE-521
5.3
2025-02-16 CVE-2025-1341 A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0.
network
high complexity
CWE-521
3.7
2025-01-29 CVE-2023-35907 Weak Password Requirements vulnerability in IBM Aspera Faspex
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
low complexity
ibm CWE-521
critical
9.8
2025-01-29 CVE-2023-37398 Weak Password Requirements vulnerability in IBM Aspera Faspex
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
low complexity
ibm CWE-521
critical
9.8
2025-01-11 CVE-2024-42173 Weak Password Requirements vulnerability in Hcltech Dryice Myxalytics 6.3
HCL MyXalytics is affected by an improper password policy implementation vulnerability.
network
high complexity
hcltech CWE-521
4.8