Lucene search
K

49 matches found

Snyk
Snyk
added 2026/05/24 11:47 a.m.10 views

Use of a One-Way Hash with a Predictable Salt

Overview Affected versions of this package are vulnerable to Use of a One-Way Hash with a Predictable Salt in the getSecretKeySaltGenerator function of the Password Hash Handler component. An attacker can compromise the confidentiality of hashed secrets by exploiting the use of a predictable salt...

6.3CVSS5.8AI score0.00202EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:22 a.m.13 views

CVE-2021-22774

A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could lead an...

7.5CVSS6.8AI score0.00799EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-19436

Malware in sbrugna...

7.5CVSS7.6AI score0.00427EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-12934

Malware in sbrugna...

7.5CVSS7.6AI score0.00397EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-10284

Malware in sbrugna...

7.5CVSS6.7AI score0.01349EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-4107

Malware in sbrugna...

4.4CVSS4.9AI score0.00214EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-20698

Malware in sbrugna...

5.5CVSS5.6AI score0.00719EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-9909

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00799EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/19 3:28 p.m.6 views

CVE-2025-10205

Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions...

8.8CVSS6.9AI score0.00201EPSS
Exploits0References1
NVD
NVD
added 2025/09/17 3:15 p.m.4 views

CVE-2025-10205

Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions...

8.8CVSS0.00201EPSS
Exploits0References1
CVE
CVE
added 2025/09/17 2:51 p.m.14 views

CVE-2025-10205

CVE-2025-10205 affects ABB FLXEON controllers (through 9.3.5 and newer). The issue arises from using a one-way hash with a predictable salt and low-entropy MD5 salt storage, enabling credential-related weaknesses and contributing to a remote code execution risk due to improper input validation. P...

8.8CVSS6.6AI score0.00201EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.7 views

PT-2025-38219

Name of the Vulnerable Software and Affected Versions: ABB FLXEON versions through 9.3.5 and newer versions Description: The software uses a one-way hash with a predictable salt. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerabili...

8.8CVSS6.3AI score0.00201EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/24 7:12 p.m.13 views

CVE-2024-13951

One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

7.6CVSS6.7AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:30 a.m.9 views

CVE-2019-12737

UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials...

5.3CVSS6.9AI score0.0068EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/28 5:26 p.m.9 views

CVE-2025-27408 Manifest Uses a One-Way Hash without a Salt

Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher risk of being cracked if an attacker gains access to the database. Without the use of a salt,...

4.8CVSS5.1AI score0.00146EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/28 5:26 p.m.13 views

CVE-2025-27408 Manifest Uses a One-Way Hash without a Salt

Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher risk of being cracked if an attacker gains access to the database. Without the use of a salt,...

4.8CVSS0.00146EPSS
Exploits0References2
OSV
OSV
added 2025/01/29 2:15 a.m.5 views

CVE-2023-33838

IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input...

4.9CVSS5.8AI score0.00231EPSS
Exploits0References1
OSV
OSV
added 2024/05/27 9:50 p.m.11 views

GHSA-PH62-FV59-VF9H silverstripe/framework users inadvertently passing sensitive data to LoginAttempt

All user login attempts are logged in the database in the LoginAttempt table. However, this table contains information in plain text, and may possible contain sensitive information, such as user passwords mis-typed into the username field. In order to address this a one-way hash is applied to the...

6.5CVSS6.7AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/05/27 12:0 a.m.2 views

PT-2024-40400 · Packagist · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns the storage of user login attempts in a database, specifically in the LoginAttempt table. This table stores information in plain text, which may include sensitive...

6.5CVSS6.8AI score
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/03/01 12:0 a.m.17 views

Schneider Electric Modicon M221 Programmable Logic Controller Use of a One-Way Hash with a Predictable Salt (CVE-2020-28214)

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 all references, all versions, that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictab...

9.8CVSS5.8AI score0.00719EPSS
Exploits0References3
Rows per page
Query Builder