21 matches found
PT-2026-25998
Summary /objects/encryptPass.json.php exposes the application's password hashing algorithm to any unauthenticated user. An attacker can submit arbitrary passwords and receive their hashed equivalents, enabling offline password cracking against leaked database hashes. Details File:...
CVE-2026-27461
Pimcore is an Open Source Data & Experience Management Platform. In versions up to and including 11.5.14.1 and 12.3.2, the filter query parameter in the dependency listing endpoints is JSON-decoded and the value field is concatenated directly into RLIKE clauses without sanitization or parameteriz...
MiracleLinux 7 : ipa-4.6.8-5.17.0.1.el7.AXS7 (AXSA:2024-8141:06)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8141:06 advisory. ipa: user can obtain a hash of the passwords of all domain users and perform offline brute force CVE-2024-3183 Tenable has extracted the preceding descriptio...
CVE-2025-40760
A vulnerability has been identified in Altair Grid Engine All versions V2026.0.0. Affected products do not properly handle error messages and discloses sensitive password hash information when processing user authentication requests. This could allow a local attacker to extract password hashes fo...
CVE-2018-25129
SOCA Access Control System 180612 contains multiple insecure direct object reference vulnerabilities that allow attackers to access sensitive user credentials. Attackers can retrieve authenticated and unauthenticated user password hashes and pins through unprotected endpoints like...
CVE-2025-14553
Exposure of password hashes through an unauthenticated API response in TP-Link Tapo app on iOS and Android for Tapo cameras, allowing attackers to brute force the password in the local network. Issue can be mitigated through mobile application updates. Device firmware remains unchanged...
EUVD-2025-200106
Grav Exposes Password Hashes Leading to privilege escalation...
PT-2025-48563
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, users with read access on the user account management section of the admin panel can view the password hashes of all users, including the admin user. This exposure can potentially lead to privilege escalation if an attacker can crack thes...
PT-2025-44801
Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose sensitive user account information including API keys and hashed passwords to authenticated users who should not have access to that data. Exposure of API keys or password hashes could lead to account compromise, abuse ...
CVE-2025-11196
The CVE-2025-11196 issue affects the WordPress External Login plugin (versions up to 1.11.2). The vulnerability is due to the exlog_test_connection AJAX action lacking capability checks or nonce validation, enabling authenticated users with subscriber-level access and above to query the external ...
EUVD-2013-7026
Malware in sbrugna...
SYSCOM OMFLOW 信息泄露漏洞
SYSCOM OMFLOW is an information maintenance management system from China's SYSCOM Corporation. An information disclosure vulnerability exists in SYSCOM OMFLOW version 1.2.0 and prior versions, which originates from a remote attacker who logs into the system and can obtain the password hashes of a...
PT-2024-39246 · Syscom · Omflow
Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue is related to the data query functionality in OMFLOW, which does not properly restrict the query range. This allows remote attackers with regular privileges t...
PT-2024-19670 · Fortinet · Fortiweb
Name of the Vulnerable Software and Affected Versions: FortiWeb versions 6.3 and all versions prior to 7.0.8 FortiWeb versions 7.2.4 and below FortiWeb version 7.4.0 Description: The issue allows an authenticated attacker to read password hashes of other administrators via CLI commands. This is d...
UCS@school Security Breach
UCS@school is a comprehensive solution that provides access to school infrastructure and applications as well as a complete toolset for operating them. A security vulnerability exists in versions prior to UCS@school 4.4v5-errata, which stems from an incorrect LDAP ACL in ucs-school-ldap-acls-mast...
Ibexa GraphQL Bundle 安全漏洞
Ibexa GraphQL Bundle is an Ibexa open source GraphQL server for the eZ platform, open source Symfony CMS. A security vulnerability exists in Ibexa GraphQL Bundle versions prior to 2.3.12 and 1.0.13, which stems from the fact that its insecure storage of sensitive information results in...
CVE-2017-5163
An issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. After an administrator downloads a configuration file, a copy of the configuration file, which includes hashes of user passwords, is saved to a location that is accessible without...
UBUNTU-CVE-2013-4577
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the passwordpbkdf2 directive in the file...
PT-2012-3945 · Anaconda · Anaconda
Name of the Vulnerable Software and Affected Versions: Anaconda affected versions not specified Description: The issue concerns the bootloader configuration module in Anaconda, specifically the pyanaconda/bootloader.py file, which sets 755 permissions for /etc/grub.d. This setting allows local...
sosreport does not blank root password in anaconda plugin
The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file /root/anaconda-ks.cfg when creating an archive of debugging information, which might allow attackers to obtain passwords or password hashes...