Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Redos
Redosadded 2024/07/31 12:0 a.m.16 views

ROS-20240731-06

A vulnerability in the SHA-3 cryptographic hash function of the eXtended Keccak Code Package XKCP software package is related to errors in block processing of input data and type conversion. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code during...

9.8CVSS8.1AI score0.014EPSS
Exploits1
NVD
NVDadded 2021/05/26 7:15 p.m.17 views

CVE-2019-25030

In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage. Popular hashing algorithms based on the Merkle-Damgardconstruction such as MD5 and SHA-1 alone are insufficient in thwarting password...

5.5CVSS0.00047EPSS
Exploits0References1
ThreatPost
ThreatPostadded 2017/02/23 1:17 p.m.15 views

First Practical SHA-1 Collision Attack Arrives

Researchers unveiled on Thursday the first practical collision attack for the 22-year old cryptographic hash function SHA-1. While long expected, news of the attack, dubbed ‘SHAttered,’ should further accelerate the urgency of sunsetting of the maligned algorithm. Researchers from Google, Elie...

7.3AI score
Exploits0References14
ThreatPost
ThreatPostadded 2016/05/31 1:37 p.m.12 views

Millions of Stolen MySpace, Tumblr Credentials Being Sold Online

Hackers are peddling roughly 427 million passwords belonging to users of MySpace, a social network that in its heyday was one of the most visited sites on the internet. The same service that claimed to have information on 164 million LinkedIn users earlier this month is now boasting to have...

6.8AI score
Exploits0References7
ThreatPost
ThreatPostadded 2016/05/03 9:43 a.m.16 views

Microsoft's SHA-1 Deprecation Begins with Windows 10 Anniversary Update

The home stretch of Microsoft’s planned SHA-1 deprecation schedule has arrived. This summer, with the planned release of the Windows 10 Anniversary Update, users should see signs that the weak cryptographic hash function is being phased out. Microsoft said that once the anniversary update is roll...

0.9AI score
Exploits0References8
The Hacker News
The Hacker Newsadded 2014/02/06 1:28 a.m.16 views

98% of SSL enabled websites still using SHA-1 based weak Digital Certificates

The National Institute of Standards and Technology NIST had published a document on Jan 2011 that the SHA-1 algorithm will be risky and should be disallowed after year 2013, but it was recently noticed by Netcraft experts that NIST.gov website itself were using 2014 dated SSL certificate with SHA...

6.6AI score
Exploits0
The Hacker News
The Hacker Newsadded 2011/05/04 10:43 a.m.13 views

PlayStation Network Security Update !

On Tuesday, April 26 Sony shared that some information that was compromised in connection with an illegal and unauthorized intrusion into our network. Once again, Sony'd like to apologize to the many users who were inconvenienced and worried about this situation. Sony want to state this again giv...

6.6AI score
Exploits0
Rows per page
Query Builder