Binardat 10G08-0800GSM 安全漏洞

Binardat 10G08-0800GSM is a high-performance switch from the Chinese company Binardat. The Binardat 10G08-0800GSM Network SwitchV300SP10260209 earlier versions had a security vulnerability. This vulnerability stemmed from the use of Base64 encoding for storing user passwords in client cookies,...

CVE-2025-67652 AutomationDirect CLICK Programmable Logic Controller Weak Encoding for Password

An attacker with access to the project file could use the exposed credentials to impersonate users, escalate privileges, or gain unauthorized access to systems and services. The absence of robust encryption or secure handling mechanisms increases the likelihood of this type of exploitation, leavi...

CVE-2025-67652 AutomationDirect CLICK Programmable Logic Controller Weak Encoding for Password

An attacker with access to the project file could use the exposed credentials to impersonate users, escalate privileges, or gain unauthorized access to systems and services. The absence of robust encryption or secure handling mechanisms increases the likelihood of this type of exploitation, leavi...

CVE-2025-67652

CVE-2025-67652 affects AutomationDirect CLICK PLC (project file handling) with weak password encoding in the addressed project file. Root cause: insufficient encryption/secure storage of credentials, enabling an attacker with local access to the project file to impersonate users, escalate privile...

CVE-2025-8307

Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. Passwords of all users are stored in a database in an encoded format. An attacker in possession of these encoded passwords is able to decode them by using an algorithm...

CVE-2021-47726

NuCom 11N Wireless Router 5.07.90 contains a privilege escalation vulnerability that allows non-privileged users to access administrative credentials through the configuration backup endpoint. Attackers can send a crafted HTTP GET request to the backup configuration page with a specific cookie to...

Weak Encoding for Password

Overview @strapi/admin is a Strapi Admin Affected versions of this package are vulnerable to Weak Encoding for Password in to the implementation of password hashing. An attacker can reduce the effective entropy of user passwords and potentially mislead users about the required password length by...

EUVD-2020-10147

Malware in sbrugna...

EUVD-2022-37400

Malicious code in bioql PyPI...

EUVD-2024-54324

Malicious code in bioql PyPI...

The vulnerability of the g_F_n_GenPassForQlync function in the microprogramming software of D-Link DCS-7517 cameras allows a intruder to compromise the confidentiality of the protected information.

The vulnerability of the gFnGenPassForQlync function in the microprogramming software of D-Link DCS-7517 cameras is related to the use of fixed password encoding. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality of the information being protected...

JTEKT ELECTRONICS HMI ViewJet C-more 安全漏洞

JTEKT ELECTRONICS HMI ViewJet C-more is a series of human-machine interfaces from JTEKT ELECTRONICS, Japan. A security vulnerability exists in the JTEKT ELECTRONICS HMI ViewJet C-more that stems from a weak password encoding issue that could lead to credential disclosure...

CVE-2024-7407

Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are transforme...

CVE-2024-7407

Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are...

CVE-2024-7407 Weak password encoding in Streamsoft Prestiż

Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are...

CVE-2024-7407

CVE-2024-7407 concerns Streamsoft Prestiż, where a custom password encoding algorithm allows decoding of stored passwords from encoded forms under observer-informed conditions. The vulnerable element is the password encoding/transform process in the application’s database storage. The impact, as ...

CVE-2024-7407 Weak password encoding in Streamsoft Prestiż

Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are...

Streamsoft Prestiz 安全漏洞

Streamsoft Prestiz is an ERP system for the plastics industry from Streamsoft. A security vulnerability exists in Streamsoft Prestiz that stems from the use of a custom password encoding algorithm, which could result in passwords being easily decoded...

The vulnerability of the /etc/passwd component in D-Link DIR-605L router microprogramming software allows a hacker to gain access to the system with root privileges.

The vulnerability of the /etc/passwd component in D-Link DIR-605L router microprogramming systems is related to the use of fixed password encoding. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to the system with root privileges...

CVE-2023-28896 Weak encoding for password in UDS services

Access to critical Unified Diagnostics Services UDS of the Modular Infotainment Platform 3 MIB3 infotainment is transmitted via Controller Area Network CAN bus in a form that can be easily decoded by attackers with physical access to the vehicle. Vulnerability discovered on Škoda Superb III 3V3 -...