Use of a Broken or Risky Cryptographic Algorithm

Overview sulu/sulu is a highly extensible open-source PHP content management system based on the Symfony framework. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the use of a weak cryptographical hash algorithm in the User.php and...

Use of a Broken or Risky Cryptographic Algorithm

Overview langchain-chatchat is a Langchain-Chatchat formerly langchain-ChatGLM, local knowledge based LLM like ChatGLM, Qwen and Llama RAG and Agent app with langchain Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the PIL.Image.tobytes...

EUVD-2025-23551

Malicious code in bioql PyPI...

CVE-2025-51726

CyberGhostVPNSetup.exe Windows installer is signed using the weak cryptographic hash algorithm SHA-1, which is vulnerable to collision attacks. This allows a malicious actor to craft a fake installer with a forged SHA-1 certificate that may still be accepted by Windows signature verification...

EveHome Eve Play 安全漏洞

EveHome Eve Play is an audio streaming interface from EveHome, Inc. A security vulnerability exists in EveHome Eve Play version 1.1.42 and earlier, which stems from the presence of a cryptographic hash vulnerability using insufficient computational effort that can be exploited by an attacker to...

Weak Cryptographic Hash

Liferay Portal is vulnerable to Weak Cryptographic Hash. The vulnerability exists due to the default password hashing algorithm PBKDF2-HMAC-SHA1 having a low work factor in the Liferay Portal. It allows attackers to crack password hashes quickly, potentially compromising user accounts and gaining...

Security Bulletin: Vulnerability in Brix crypto-js affects IBM Process Mining CVE-2023-46233

Summary There is a vulnerability in Brix crypto-js that could allow an remote attacker to obtain sensitive information. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-46233 DESCRIPTION...

Security Bulletin: crypto-js affects IBM Spectrum Control [CVE-2023-46233]

Summary crypto-js is vulnerable to a remote attacker to obtain sensitive information. This vulnerability affects IBM Spectrum Control. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-46233 DESCRIPTION: Brix crypto-js could allow a remo...

WordPoints: Weak Cryptographic Hash

Issue: The following files are vulnerable to this issue: \src\includes\class-breaking-updater.php line 246 and 247 protected function checkmodule $module $randstr = strshuffle md5 microtime ; $nonce = md5 $randstr . 'wordpointscheckmodules-' . $module ;...