97 matches found
CVE-2023-2900
A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is...
CVE-2022-25156
Use of Weak Hash vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5UC CPU all versions, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU all versions, Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120ENCPU all...
CVE-2022-36072
SilverwareGames.io is a social network for users to play video games online. In version 1.1.8 and prior, due to an unobvious feature of PHP, hashes generated by built-in functions and starting with the 0e symbols were being handled as zero multiplied with the e number. Therefore, the hash value w...
CVE-2022-25157
Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5UC CPU all versions, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU all versions, Mitsubishi Electric MELSEC...
CVE-2021-39579
An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function stringhash located in q.c. It allows an attacker to cause code Execution...
CVE-2025-3937
The CVE-2025-3937 issue affects Tridium Niagara Framework and Niagara Enterprise Security. Vulnerable component: password hash with insufficient computational effort, enabling cryptanalysis. Affected software versions: Niagara Framework before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterp...
CVE-2005-4775
Michael Scholz and Sebastian Stein Contineo 2.0, when the admin account lacks an e-mail address attribute, displays the password hash in a warning upon page reload, which might allow remote attackers to view the hash...
CVE-2025-32789
EspoCRM (open-source CRM) prior to version 9.0.7 is affected by a vulnerability in the user password hashing disclosure feature. The issue allows an attacker to infer other users’ password hashes by sorting the user list by the password hash, potentially enabling password changes if the attacker ...
CVE-2025-32789 EspoCRM Allows Potential Disclosure of Sensitive Information in the User Sorting Function
EspoCRM is an Open Source Customer Relationship Management software. Prior to version 9.0.7, users can be sorted by their password hash. This flaw allows an attacker to make assumptions about the hash values of other users stored in the password column of the user table, based on the results of t...
CVE-2025-27552
CVE-2025-27552 affects the Perl DBIx::Class::EncodedColumn component, where the salting of password hashes uses the non-cryptographically secure rand() function in Crypt/Eksblowfish/Bcrypt.pm. The issue impacts DBIx::Class::EncodedColumn up to version 0.00032. According to the connected documents...
CVE-2025-2349
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/passwd of the component Password Hash Handler. The manipulation leads to password hash with insufficient computational...
CVE-2025-2349
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/passwd of the component Password Hash Handler. The manipulation leads to password hash with insufficient computational...
CVE-2025-2349 IROAD Dash Cam FX2 Password Hash passwd weak password hash
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/passwd of the component Password Hash Handler. The manipulation leads to password hash with insufficient computational...
CVE-2025-1868
Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by...
CVE-2022-24798
Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. IRRd did not always filter password hashes in query responses relating to mntner objects and database exports. This may have allowed adversaries to retrieve some of these hashes, perfo...
CVE-2024-5743 Command Injection Vulnerability
An attacker could exploit the 'Use of Password Hash With Insufficient Computational Effort' vulnerability in EveHome Eve Play to execute arbitrary code. This issue affects Eve Play: through 1.1.42...
CVE-2024-7701 Misuse of SHA256 to create an encryption key
Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona-toolkit allows Encryption Brute Forcing.This issue affects percona-toolkit: 3.6.0...
Percona Toolkit 安全漏洞
Percona Toolkit is a series of advanced command line tools from Percona Corporation, USA. A security vulnerability exists in Percona Toolkit version 3.6.0 that stems from a password hash vulnerability that allows cryptographic brute force cracking using insufficient computational effort...
The vulnerability of the Attended SysUpgrade function of the sysupgrade.openwrt.org service allows a malicious actor to create a specially crafted malware image signed with a legitimate key.
The vulnerability of the Attended SysUpgrade function of the sysupgrade.openwrt.org service in the embedded operating system OpenWrt is related to the use of a reversible one-way hash function. Exploiting this vulnerability allows a malicious actor to remotely create a specially crafted malware...
389-ds-base security update
2.4.5-9 - Bump version to 2.4.5-9 - Resolves: RHEL-44323 - unauthenticated user can trigger a DoS by sending a specific extended search request - Resolves: RHEL-40945 - Malformed userPassword hash may cause Denial of Service - Resolves: RHEL-49457 - perf search result investigation for many large...