Lucene search
K

661 matches found

Fedora
Fedora
added 2026/01/11 12:55 a.m.10 views

[SECURITY] Fedora 42 Update: libsodium-1.0.21-2.fc42

Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further. Its goal is to provide all of t...

4.5CVSS7.1AI score0.00166EPSS
Exploits0
Fedora
Fedora
added 2026/01/10 1:39 a.m.7 views

[SECURITY] Fedora 43 Update: libsodium-1.0.21-2.fc43

Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further. Its goal is to provide all of t...

4.5CVSS7.1AI score0.00166EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.8 views

CVE-2019-20138

The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's cryptopwhashstr is not used...

7.5CVSS7.2AI score0.00832EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/09 12:0 a.m.4 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

7.1AI score0.00311EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/10 9:31 p.m.6 views

EUVD-2025-202613

The application uses an insecure hashing algorithm MD5 to hash passwords. If an attacker obtained a copy of these hashes, either through exploiting cloud services, performing TLS downgrade attacks on the traffic from a mobile device, or through another means, they may be able to crack the hash in...

6.4AI score0.00186EPSS
Exploits0References3
NVD
NVD
added 2025/12/10 9:16 p.m.6 views

CVE-2025-65831

The application uses an insecure hashing algorithm MD5 to hash passwords. If an attacker obtained a copy of these hashes, either through exploiting cloud services, performing TLS downgrade attacks on the traffic from a mobile device, or through another means, they may be able to crack the hash in...

7.5CVSS0.00186EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/10 12:0 a.m.3 views

CVE-2025-65831

The application uses an insecure hashing algorithm MD5 to hash passwords. If an attacker obtained a copy of these hashes, either through exploiting cloud services, performing TLS downgrade attacks on the traffic from a mobile device, or through another means, they may be able to crack the hash in...

6.5AI score0.00186EPSS
Exploits0References2
CVE
CVE
added 2025/12/10 12:0 a.m.23 views

CVE-2025-65831

CVE-2025-65831 is documented across multiple sources as involving insecure MD5-based password hashing that could enable credential cracking and unauthorized account access if hashes are obtained. A concrete product reference appears in CNNVD: Meatmeet Pro App v1.1.2.0 uses MD5 for password hashin...

7.5CVSS6.5AI score0.00186EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/11/07 8:51 a.m.17 views

CVE-2025-46413

CVE-2025-46413 affects BUFFALO WSR-1800AX4 series Wi‑Fi routers. The issue is use of a password hash with insufficient computational effort (CWE-916) when WPS is enabled, potentially allowing an attacker to obtain the PIN and/or Wi‑Fi password. Public documents identify the affected component as ...

5.3CVSS6.9AI score0.00117EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/07 8:51 a.m.4 views

CVE-2025-46413

Use of password hash with insufficient computational effort issue exists in BUFFALO Wi-Fi router 'WSR-1800AX4 series'. When WPS is enabled, PIN code and/or Wi-Fi password may be obtained by an attacker...

5.3CVSS6.9AI score0.00117EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.4 views

BUFFALO WSR-1800AX4 Series 安全漏洞

BUFFALO WSR-1800AX4 Series is a series of WiFi routers from BUFFALO Japan. A security vulnerability exists in the BUFFALO WSR-1800AX4 Series that stems from an insufficient password hash calculation, which could lead to the PIN and Wi-Fi password being obtained by an attacker...

5.3CVSS4.8AI score0.00117EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.10 views

PT-2025-45414

Name of the Vulnerable Software and Affected Versions BUFFALO Wi-Fi router WSR-1800AX4 series affected versions not specified Description A weakness exists related to the use of a password hash with insufficient computational effort in BUFFALO Wi-Fi router 'WSR-1800AX4 series'. When Wi-Fi Protect...

5.3CVSS6.7AI score0.00117EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/10/16 5:55 p.m.5 views

CVE-2025-34519

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an insecure hashing algorithm vulnerability. The product stores passwords using the MD5 hash function without applying a per‑password salt. Because MD5 is a fast, unsalted hash, an attacker who obtains the password database can...

8.2CVSS5.8AI score0.0028EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2025/10/16 4:21 p.m.3 views

CVE-2025-25298 Missing Maximum Password Length Validation in Strapi Password Hashing

Strapi is an open source headless CMS. The @strapi/core package before version 5.10.3 does not enforce a maximum password length when using bcryptjs for password hashing. Bcryptjs ignores any bytes beyond 72, so passwords longer than 72 bytes are silently truncated. A user can create an account...

6.3CVSS6.6AI score0.00383EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/16 4:21 p.m.9 views

CVE-2025-25298 Missing Maximum Password Length Validation in Strapi Password Hashing

Strapi is an open source headless CMS. The @strapi/core package before version 5.10.3 does not enforce a maximum password length when using bcryptjs for password hashing. Bcryptjs ignores any bytes beyond 72, so passwords longer than 72 bytes are silently truncated. A user can create an account...

6.3CVSS0.00383EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2025/10/14 12:0 a.m.6 views

Hash Chaining Degrades Security at Facebook

Modern web and digital application password storage relies on password hashing for storage and security. Ad-hoc upgrade of password storage to keep up with hash algorithm norms may be used to save costs but can introduce unforeseen vulnerabilities. This is the case in the password storage scheme...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-2018

Malware in sbrugna...

5CVSS6.4AI score0.01315EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-3879

Malware in sbrugna...

4CVSS6.1AI score0.01635EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-18566

Malware in sbrugna...

3.9CVSS4.7AI score0.0024EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-2766

Malware in sbrugna...

5.9CVSS5.9AI score0.0055EPSS
Exploits0References2
Rows per page
Query Builder