EUVD-2025-8117

Malicious code in bioql PyPI...

CVE-2025-48931

The CVE-2025-48931 entry concerns TeleMessage service passwords hashed with MD5 (through 2025-05-05). Root cause: MD5-based password hashing enabling rainbow-table and related attacks with low computational effort. Impact is implied as password-cryptography weakness; no explicit exploited vector ...

CVE-2023-33838

IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input...

CVE-2021-36460

VeryFitPro com.veryfit2hr.second 3.2.8 hashes the account's password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registration and changing of passwords. This allows an attacker in possession of a hash to takeover a user's...

CVE-2025-3937 Use of Password Hash with Insufficient Computational Effort

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niaga...

CVE-2023-33838

CVE-2023-33838 affects IBM Security Verify Governance 10.0.2 Identity Manager. The issue is that the product uses a one-way cryptographic hash on inputs that should not be reversible (e.g., passwords) without applying a salt, increasing exposure of hashed values. The connected IBM bulletin confir...

IBM Security Verify Governance 安全漏洞

IBM Security Verify Governance is an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risk. IBM Security Verify Governance suffers from a security vulnerability that ste...

RLSA-2024:10379 Important: pam security update

Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fixes: pam: libpam: Libpam vulnerable to read hashed password CVE-2024-10041 pam: Improper Hostname Interpretation in pamaccess Leads t...

CVE-2024-22892

OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords...

The vulnerability of the implementation of the S-Bus protocol in microprogrammed software for programmable logic controllers (PCD controllers) allows a intruder to disclose protected information.

The vulnerability of the S-Bus protocol implementation in microprogrammed programmable logic controllers PCD controllers is related to the use of a non-safe hash algorithm for password hashing. Exploiting this vulnerability could allow an attacker to disclose the protected information...

PhpList Authentication Bypass Vulnerability (CNVD-2021-48845)

PhpList is a suite of open source newsletter and email marketing software from PhpList UK. A security vulnerability exists in phpList 3.5.3 that stems from the use of == instead of === for password hashing. No details of the vulnerability are provided at this time...

FancyFon FAMOC Cryptographic Hash Algorithm Vulnerability

FancyFon FAMOC is a mobile device management platform. FancyFon FAMOC suffers from a password hashing algorithm vulnerability that can be exploited by an attacker to conduct a brute force attack and obtain a user's password...