Lucene search
K

293 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-8117

Malicious code in bioql PyPI...

4CVSS4.8AI score0.0011EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2024-46453

Malicious code in bioql PyPI...

6.5CVSS5.6AI score0.00462EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-5665

Malicious code in bioql PyPI...

5.3CVSS7.3AI score0.02282EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-9909

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00312EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-27552

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DBIx::Class::EncodedColumn use the rand function, which is not cryptographically secure to salt password hashes. This vulnerability is associated with program...

4CVSS6AI score0.0011EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-22976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the...

5.3CVSS6.8AI score0.02282EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/07/01 4:53 p.m.7 views

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

7.4CVSS7.1AI score0.00568EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 4:36 p.m.5 views

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

7.4CVSS7.1AI score0.00568EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 4:31 p.m.4 views

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

7.4CVSS7.1AI score0.00568EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 2:34 p.m.3 views

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

7.4CVSS7.1AI score0.00568EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 2:30 p.m.3 views

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

7.4CVSS7.1AI score0.00568EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 1:48 p.m.12 views

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

7.4CVSS7.1AI score0.00568EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 10:36 a.m.5 views

CVE-2024-47182

Dozzle is a realtime log viewer for docker containers. Before version 8.5.3, the app uses sha-256 as the hash for passwords, which leaves users susceptible to rainbow table attacks. The app switches to bcrypt, a more appropriate hash for passwords, in version 8.5.3...

7.5CVSS6.7AI score0.00208EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:23 p.m.7 views

CVE-2020-25987

MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to crack the hash...

7.5CVSS6.9AI score0.01628EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/05/22 3:1 a.m.9 views

CVE-2017-7252

bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password...

7.5CVSS6.9AI score0.00315EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/07 12:17 a.m.25 views

CVE-2025-32352

A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashes that can be interpreted as numbers. A solution requires moving from MD5 to bcrypt...

4.8CVSS7.1AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2025/04/05 5:15 a.m.15 views

CVE-2025-32352

A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashes that can be interpreted as numbers. A solution requires moving from MD5 to bcrypt...

4.8CVSS0.00312EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/05 12:0 a.m.7 views

CVE-2025-32352

A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashes that can be interpreted as numbers. A solution requires moving from MD5 to bcrypt...

4.8CVSS7.1AI score0.00312EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/05 12:0 a.m.5 views

PT-2025-15053 · Zendto · Zendto

Name of the Vulnerable Software and Affected Versions: ZendTo versions prior to 5.04-7 Description: A type confusion vulnerability in lib/NSSAuthenticator.php allows remote attackers to bypass authentication for users with passwords stored as MD5 hashes that can be interpreted as numbers. The...

4.8CVSS6.7AI score0.00312EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/04/05 12:0 a.m.22 views

CVE-2025-32352

A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashes that can be interpreted as numbers. A solution requires moving from MD5 to bcrypt...

4.8CVSS0.00312EPSS
Exploits0References1
Rows per page
Query Builder