82 matches found
CVE-2026-25861 QloApps 1.7.0 Weak Password Hashing via MD5 in Tools.php
QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password hashing in the Tools::encrypt function within classes/Tools.php, which concatenates a static cookie...
CVE-2026-22574
A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...
EUVD-2020-24796
Malware in sbrugna...
EUVD-2014-5113
Malware in sbrugna...
EUVD-2006-7127
Malware in sbrugna...
EUVD-2013-6806
Malware in sbrugna...
EUVD-2002-1915
Malware in sbrugna...
EUVD-2021-15175
Malware in sbrugna...
EUVD-2015-2970
Malware in sbrugna...
EUVD-2017-14262
Malware in sbrugna...
EUVD-2023-48265
Malicious code in bioql PyPI...
EUVD-2022-3685
Malicious code in bioql PyPI...
EUVD-2022-27630
Malicious code in bioql PyPI...
Palo Alto Networks User-ID Credential Agent 安全漏洞
Palo Alto Networks User-ID Credential Agent is a component of Palo Alto Networks, Inc. that has the capability to collect the correspondence between a user's identity and IP address. A security vulnerability exists in the Palo Alto Networks User-ID Credential Agent that originates from a specific...
PT-2025-37084
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks affected versions not specified Description: The vulnerability involves the cleartext exposure of service account passwords. It is a medium-severity issue. Recommendations: At the moment, there is no information about a new...
CVE-2023-43905
Incorrect access control in writercms v1.1.0 allows attackers to directly obtain backend account passwords via unspecified vectors...
CVE-2020-3525
A vulnerability in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system. The vulnerability is due to the incorrect inclusion of saved passwords when loading configuration page...
CVE-2020-3525
A vulnerability in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system. The vulnerability is due to the incorrect inclusion of saved passwords when loading configuration page...
CVE-2024-34891
Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to read Exchange account passwords via HTTP GET request...
CVE-2024-34887
Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send AD/LDAP administrators account passwords to an arbitrary server via HTTP POST request...