CVE-2024-1224

This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm hash SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system. Successful exploitati...

CVE-2024-51478

YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5...

Synology DSM Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-27653)

Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager DSM before 6.2.325426 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors. This plugin only works with Tenable.ot. Please visit...

CVE-2024-8603

CVE-2024-8603 affects B&R Automation Runtime and B&R mapp View versions prior to 6.1, where the SSL/TLS component uses a broken or risky cryptographic algorithm. Unauthenticated network-based attackers may masquerade as services on impacted devices. Multiple sources (NVD/NCSA advisory references ...

CVE-2024-8603

A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used in B&R Automation Runtime versions before 6.1 and B&R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices...

CVE-2024-47921

Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm...

CVE-2024-47921

CVE-2024-47921 concerns Smadar SPS with CWE-327: Use of a Broken or Risky Cryptographic Algorithm. Affected product: Smadar SPS; reports reference cryptographic weaknesses in the software (CNNVD 202412-3229) and details vary by source (e.g., version 4.0.44.0.64 cited by CNNVD). CVSS 3.1 metrics i...

CVE-2024-47921 Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm

Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm...

CVE-2024-47921 Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm

Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm...

PT-2024-32897 · Unknown · Smadar Sps

Name of the Vulnerable Software and Affected Versions: Smadar SPS affected versions not specified Description: The issue is related to the use of a broken or risky cryptographic algorithm, as identified by CWE-327. This could potentially lead to security risks due to the weakness in the...

CVE-2024-28980

Dell RecoverPoint for VMs, versions 6.0.x contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the SSH. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution...

CVE-2024-28980

Dell RecoverPoint for VMs, versions 6.0.x contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the SSH. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution...

Password Reset Attack

yeswiki/yeswiki is vulnerable to weak cryptographic algorithm. The vulnerability is due to poor cryptographic practices, specifically the use of a weak cryptographic algorithm and a hard-coded salt for hashing the password reset key, allowing attackers to recover the reset key and gain unauthoriz...

GHSA-4FVX-H823-38V3 YesWiki Uses a Broken or Risky Cryptographic Algorithm

Summary The use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. Details Firstly, the salt used to hash the password reset key is hard-coded in the includes/services/UserManager.php file...

YesWiki Uses a Broken or Risky Cryptographic Algorithm

Summary The use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. Details Firstly, the salt used to hash the password reset key is hard-coded in the includes/services/UserManager.php file...

Use of a Broken or Risky Cryptographic Algorithm

Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm through the generateUserLink function. This could lead to account takeover, which can lead to theft of sensitive data, modification of website content, addition/deletion of administrator...

CVE-2024-51478 Use of a Broken or Risky Cryptographic Algorithm in YesWiki

YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5...

CVE-2024-51478 Use of a Broken or Risky Cryptographic Algorithm in YesWiki

YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5...

CVE-2024-51478

YesWiki (PHP) prior to version 4.4.5 is vulnerable due to use of a weak cryptographic algorithm and a hard-coded salt for hashing the password reset key, enabling recovery and reuse to reset any account’s password. The issue is fixed in 4.4.5. A PoC and multiple advisories (GHSA-4FVX-H823-38V3, V...

CVE-2024-10128

A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads to risky cryptographic algorithm. The attack may be launched remotely. The exploit has been...