Lucene search
K

6 matches found

CNNVD
CNNVD
added 2025/10/16 12:0 a.m.6 views

Ilevia EVE X1 Server 安全漏洞

Ilevia EVE X1 Server is a smart home and building automation from Ilevia, Italy. A security vulnerability exists in Ilevia EVE X1 Server version 4.7.18.0.eden and prior versions, which stems from storing passwords using the unsalted MD5 hash algorithm, which could lead to an offline dictionary...

8.2CVSS6.6AI score0.0028EPSS
Exploits2References3
CNNVD
CNNVD
added 2025/01/29 12:0 a.m.5 views

IBM Security Verify Governance 安全漏洞

IBM Security Verify Governance is an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risk. IBM Security Verify Governance suffers from a security vulnerability that ste...

4.9CVSS6.4AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/02 12:0 a.m.4 views

Horizon Business Services Caterease 安全漏洞

Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from the use of unsalted unidirection...

7.5CVSS6.9AI score0.00525EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/01/21 12:0 a.m.8 views

OnlineVotingSystem Encryption Problem Vulnerability

Dbijaya OnlineVotingSystem is a Java-based online voting system from the individual developers of Dbijaya. OnlineVotingSystem before version 1.1.2 suffers from a cryptographic vulnerability that stems from not using a salt to hash a user's password, which can be exploited by an attacker to make i...

5.8CVSS6AI score0.00736EPSS
Exploits0References3
OSV
OSV
added 2020/05/04 2:15 p.m.5 views

CVE-2020-8791

The OKLOK 3.1.1 mobile companion app for Fingerprint Bluetooth Padlock FB50 2.3 allows remote attackers to submit API requests using authenticated but unauthorized tokens, resulting in IDOR issues. A remote attacker can use their own token to make unauthorized API requests on behalf of arbitrary...

6.5CVSS6.8AI score0.01022EPSS
Exploits1References1
securityvulns
securityvulns
added 2011/12/19 12:0 a.m.169 views

RedTeam Pentesting GmbH

Advisory: Owl Intranet Engine: Information Disclosure and Unsalted Password Hashes The Owl Intranet Engine uses no salting in the password hashing procedure. Furthermore, users in the "Administrators" group are able to see the MD5 password hashes of every user using the web interface. Details...

6.8AI score
Exploits0
Rows per page
Query Builder