Lucene search
K

661 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.13 views

CVE-2026-36182

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...

9.8CVSS5.5AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.42 views

CVE-2026-36182

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...

0.0019EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 12:30 a.m.15 views

EUVD-2026-34042

QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password hashing in the Tools::encrypt function within classes/Tools.php, which concatenates a static cookie...

8.2CVSS5.8AI score0.00178EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/02 10:9 p.m.7 views

CVE-2026-25861 QloApps 1.7.0 Weak Password Hashing via MD5 in Tools.php

QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password hashing in the Tools::encrypt function within classes/Tools.php, which concatenates a static cookie...

8.2CVSS5.8AI score0.00178EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/02 10:9 p.m.39 views

CVE-2026-25861 QloApps 1.7.0 Weak Password Hashing via MD5 in Tools.php

QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password hashing in the Tools::encrypt function within classes/Tools.php, which concatenates a static cookie...

8.2CVSS0.00178EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.19 views

PT-2026-45872

Name of the Vulnerable Software and Affected Versions QloApps versions prior to 1.7.0 commit 64e9722 Description The software uses a weak cryptographic algorithm for password hashing. Specifically, the encrypt function in classes/Tools.php utilizes MD5, concatenating a static cookie key with the...

8.2CVSS5.8AI score0.00178EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

QloApps 安全漏洞

QloApps is an open-source hotel management and reservation system developed by QloApps. Versions of QloApps 1.7.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of MD5 for password hashing in the Tools.php file. Weak encryption algorithms allowed...

8.2CVSS5.4AI score0.00178EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.12 views

Fedora 43 : perl-Catalyst-Plugin-Authentication (2026-af4f5feae8)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-af4f5feae8 advisory. Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks since these versions use Perl's built-in eq comparison...

5.1CVSS5.8AI score0.00196EPSS
Exploits0References2
NVD
NVD
added 2026/05/29 7:16 p.m.14 views

CVE-2026-44611

Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...

5.9CVSS0.00141EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/29 5:42 p.m.15 views

EUVD-2026-33398

Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...

5.9CVSS5.8AI score0.00141EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/29 5:42 p.m.38 views

CVE-2026-44611 MacGregor Voyage Data Recorder (VDR) G4e Use of Password Hash With Insufficient Computational Effort

Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...

5.9CVSS0.00141EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/29 5:42 p.m.19 views

CVE-2026-44611 MacGregor Voyage Data Recorder (VDR) G4e Use of Password Hash With Insufficient Computational Effort

Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...

5.9CVSS5.8AI score0.00141EPSS
Exploits0References3
CVE
CVE
added 2026/05/29 5:42 p.m.22 views

CVE-2026-44611

CVE-2026-44611 affects Danelec MacGregor Voyage Data Recorder. The password storage uses a hashing method that limits password length and is susceptible to brute-force attacks, potentially compromising authentication. According to the provided metrics, the vulnerability has a CVSS base score arou...

5.9CVSS5.8AI score0.00141EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

Danelec Marine Danelec MacGregor Voyage Data Recorder 安全漏洞

The Danelec Marine Danelec MacGregor Voyage Data Recorder is a series of ship navigation data recording systems developed by Danelec Marine. There is a security vulnerability present in the Danelec Marine Danelec MacGregor Voyage Data Recorder, which stems from the use of a hash method for storin...

5.9CVSS5.8AI score0.00141EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.15 views

PT-2026-44931

Name of the Vulnerable Software and Affected Versions Danelec MacGregor Voyage Data Recorder affected versions not specified Description Passwords are stored using a hashing method that restricts password length and is susceptible to brute force attacks, which is a trial-and-error method used to...

5.9CVSS5.5AI score0.00141EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/05/28 7:7 p.m.65 views

LTD_Communication

LTD Communication — Cybersecurity Course Project Vulnerable...

6AI score
Exploits0
NVD
NVD
added 2026/05/27 5:16 p.m.24 views

CVE-2026-45027

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, when a user logs in, html/login.php hashes the submitted password using PHP's hash function with the SHA-256 algorithm and no salt before comparing it to the stored value. The password change flow in...

5.9CVSS0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 3:24 p.m.41 views

CVE-2026-45027 WeGIA: Use of Weak Password Hashing Algorithm (SHA-256, no salt) in html/login.php

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, when a user logs in, html/login.php hashes the submitted password using PHP's hash function with the SHA-256 algorithm and no salt before comparing it to the stored value. The password change flow in...

5.9CVSS0.00136EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 3:24 p.m.9 views

CVE-2026-45027 WeGIA: Use of Weak Password Hashing Algorithm (SHA-256, no salt) in html/login.php

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, when a user logs in, html/login.php hashes the submitted password using PHP's hash function with the SHA-256 algorithm and no salt before comparing it to the stored value. The password change flow in...

5.9CVSS5.8AI score0.00136EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 3:24 p.m.12 views

EUVD-2026-32565

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, when a user logs in, html/login.php hashes the submitted password using PHP's hash function with the SHA-256 algorithm and no salt before comparing it to the stored value. The password change flow in...

5.9CVSS5.8AI score0.00136EPSS
Exploits0References1
Rows per page
Query Builder