701 matches found
YesWiki Uses a Broken or Risky Cryptographic Algorithm
Summary The use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. Details Firstly, the salt used to hash the password reset key is hard-coded in the includes/services/UserManager.php file...
GHSA-4FVX-H823-38V3 YesWiki Uses a Broken or Risky Cryptographic Algorithm
Summary The use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. Details Firstly, the salt used to hash the password reset key is hard-coded in the includes/services/UserManager.php file...
CVE-2024-51478 Use of a Broken or Risky Cryptographic Algorithm in YesWiki
YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5...
CVE-2024-51478 Use of a Broken or Risky Cryptographic Algorithm in YesWiki
YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5...
CVE-2024-51478
YesWiki (PHP) prior to version 4.4.5 is vulnerable due to use of a weak cryptographic algorithm and a hard-coded salt for hashing the password reset key, enabling recovery and reuse to reset any account’s password. The issue is fixed in 4.4.5. A PoC and multiple advisories (GHSA-4FVX-H823-38V3, V...
CVE-2024-10128
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads to risky cryptographic algorithm. The attack may be launched remotely. The exploit has been...
CVE-2024-10128 Topdata Inner Rep Plus WebServer td.js.gz risky encryption
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads to risky cryptographic algorithm. The attack may be launched remotely. The exploit has been...
CVE-2024-10128
The CVE-2024-10128 entry concerns Topdata Inner Rep Plus WebServer 2.01. Affected is functionality in the file td.js.gz where manipulation enables a risky cryptographic algorithm. The issue can be exploited remotely and has been publicly disclosed; vendor response is missing. Multiple sources cor...
CVE-2024-10128 Topdata Inner Rep Plus WebServer td.js.gz risky encryption
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads to risky cryptographic algorithm. The attack may be launched remotely. The exploit has been...
CVE-2024-48016
Dell Secure Connect Gateway SCG 5.0 Appliance - SRS, versions 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to...
CVE-2024-48016
Dell Secure Connect Gateway SCG 5.0 Appliance - SRS, versions 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to...
CVE-2024-48016
CVE-2024-48016 affects Dell Secure Connect Gateway (SCG) 5.0 Appliance – SRS, 5.24. Root cause: use of a broken/risky cryptographic algorithm. Impact: potential information disclosure via remote access by a low-privileged attacker; attacker could use exposed credentials to access the system with ...
CVE-2024-48016
Dell Secure Connect Gateway SCG 5.0 Appliance - SRS, versions 5.24, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to...
The vulnerability of the Mbed TLS software lies in the use of a faulty or risky cryptographic algorithm, which allows attackers to compromise the protected information.
The vulnerability of the Mbed TLS software is related to the use of a faulty or risky cryptographic algorithm. Exploiting this vulnerability can allow attackers to disclose protected information...
ROS-20240918-15
A vulnerability in the Mbed TLS software is related to the use of a faulty or risky cryptographic algorithm. Exploitation of the vulnerability could allow an intruder to disclose protected information information...
CVE-2024-39583
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2024-39583
Dell PowerScale InsightIQ (versions 5.0–5.1) is affected by CVE-2024-39583 due to use of a broken or risky cryptographic algorithm, enabling an unauthenticated attacker with remote access to potentially achieve elevation of privilege. Publicly available connected documents confirm the affected pr...
CVE-2024-39583
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...
GO-2022-0839 Use of a Broken or Risky Cryptographic Algorithm in Terraform in github.com/hashicorp/terraform
Use of a Broken or Risky Cryptographic Algorithm in Terraform in github.com/hashicorp/terraform...
GO-2022-0306 Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy in github.com/foxcpp/maddy
Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy in github.com/foxcpp/maddy...