Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/03/02 6:29 p.m.6 views

CVE-2025-27408

Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher risk of being cracked if an attacker gains access to the database. Without the use of a salt,...

4.8CVSS5.1AI score0.00146EPSS
Exploits0References1
NVD
NVD
added 2025/02/28 6:15 p.m.8 views

CVE-2025-27408

Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher risk of being cracked if an attacker gains access to the database. Without the use of a salt,...

4.8CVSS0.00146EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/28 5:26 p.m.16 views

CVE-2025-27408 Manifest Uses a One-Way Hash without a Salt

Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher risk of being cracked if an attacker gains access to the database. Without the use of a salt,...

4.8CVSS0.00146EPSS
Exploits0References2
OSV
OSV
added 2025/02/28 5:26 p.m.4 views

CVE-2025-27408 Manifest Uses a One-Way Hash without a Salt

Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt. This exposes user passwords to a higher risk of being cracked if an attacker gains access to the database. Without the use of a salt,...

4.8CVSS6.8AI score0.00146EPSS
Exploits0References4
Rows per page
Query Builder