49 matches found
Use of a One-Way Hash with a Predictable Salt
Overview Affected versions of this package are vulnerable to Use of a One-Way Hash with a Predictable Salt in the getSecretKeySaltGenerator function of the Password Hash Handler component. An attacker can compromise the confidentiality of hashed secrets by exploiting the use of a predictable salt...
CVE-2021-22774
A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could lead an...
EUVD-2021-19436
Malware in sbrugna...
EUVD-2021-12934
Malware in sbrugna...
EUVD-2017-10284
Malware in sbrugna...
EUVD-2016-4107
Malware in sbrugna...
EUVD-2020-20698
Malware in sbrugna...
EUVD-2021-9909
Malicious code in bioql PyPI...
CVE-2025-10205
Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions...
CVE-2025-10205
Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions...
CVE-2025-10205
CVE-2025-10205 affects ABB FLXEON controllers (through 9.3.5 and newer). The issue arises from using a one-way hash with a predictable salt and low-entropy MD5 salt storage, enabling credential-related weaknesses and contributing to a remote code execution risk due to improper input validation. P...
PT-2025-38219
Name of the Vulnerable Software and Affected Versions: ABB FLXEON versions through 9.3.5 and newer versions Description: The software uses a one-way hash with a predictable salt. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerabili...
CVE-2024-13951
One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2019-12737
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials...
CVE-2025-27408 Manifest Uses a One-Way Hash without a Salt
Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher risk of being cracked if an attacker gains access to the database. Without the use of a salt,...
CVE-2025-27408 Manifest Uses a One-Way Hash without a Salt
Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher risk of being cracked if an attacker gains access to the database. Without the use of a salt,...
CVE-2023-33838
IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input...
GHSA-PH62-FV59-VF9H silverstripe/framework users inadvertently passing sensitive data to LoginAttempt
All user login attempts are logged in the database in the LoginAttempt table. However, this table contains information in plain text, and may possible contain sensitive information, such as user passwords mis-typed into the username field. In order to address this a one-way hash is applied to the...
PT-2024-40400 · Packagist · Silverstripe/Framework
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns the storage of user login attempts in a database, specifically in the LoginAttempt table. This table stores information in plain text, which may include sensitive...
Schneider Electric Modicon M221 Programmable Logic Controller Use of a One-Way Hash with a Predictable Salt (CVE-2020-28214)
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...