Lucene search
K

171 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-32251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, whi...

3.7CVSS5.8AI score0.00433EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/08/18 12:0 a.m.4 views

Hashcat Advanced Password Recovery 7.1.1 Binary Release

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary...

7.1AI score
Exploits0
OSV
OSV
added 2025/07/31 9:15 p.m.7 views

CVE-2023-32251

A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...

3.7CVSS6.4AI score0.00433EPSS
Exploits0References4
NVD
NVD
added 2025/07/31 9:15 p.m.24 views

CVE-2023-32251

A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...

3.7CVSS0.00433EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/31 8:44 p.m.24 views

CVE-2023-32251 Kernel: ksmbd brute force delay bypass via asynchronous requests

A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...

3.7CVSS0.00433EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/07/31 8:44 p.m.3 views

CVE-2023-32251

A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...

3.7CVSS4.9AI score0.00433EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2025/07/31 8:44 p.m.3 views

CVE-2023-32251

A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...

3.7CVSS5.7AI score0.00433EPSS
Exploits0References5Affected Software5
OSV
OSV
added 2025/07/21 5:15 p.m.4 views

CVE-2025-44649

In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchagemode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security...

7.5CVSS5.8AI score0.00273EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.2 views

PT-2025-30306 · Trendnet · Trendnet Tew-Wlc100P

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-WLC100P version 2.03b03 Description: The configuration of racoon within the device sets the exchage mode to aggressive. Utilizing aggressive mode in IKE Phase 1 results in the exposure of identity information in plaintext, making...

7.5CVSS6.2AI score0.00273EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/06/01 3:36 p.m.9 views

CVE-2024-23589

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...

6.8CVSS6.9AI score0.00141EPSS
Exploits0References1
NVD
NVD
added 2025/05/30 4:15 p.m.14 views

CVE-2024-23589

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...

6.8CVSS0.00141EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/30 3:36 p.m.13 views

CVE-2024-23589 HCL Glovius Cloud is susceptible to an Outdated Hash Algorithm vulnerability

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...

6.8CVSS0.00141EPSS
Exploits0References1
CVE
CVE
added 2025/05/30 3:36 p.m.41 views

CVE-2024-23589

CVE-2024-23589 concerns HCL Glovius Cloud. The root cause is an outdated hashing algorithm that could allow attackers to guess input data via brute-force or dictionary attacks using GPUs/ASICs. Documented impact per CVSS metrics is high for confidentiality, integrity, and availability, with adjac...

6.8CVSS7.1AI score0.00141EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/30 12:0 a.m.2 views

HCL Glovius Cloud 安全漏洞

HCL Glovius Cloud is a modern CAD viewer for Windows, iOS, Android and Web browsers from HCL India. HCL Glovius Cloud has a security vulnerability that stems from the use of an outdated hashing algorithm that could lead to brute force cracking or dictionary attacks...

6.8CVSS6.6AI score0.00141EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:38 a.m.4 views

CVE-2023-26855

The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers to use precomputed hash tables or dictionary attacks to crack the hashed passwords...

7.5CVSS6.9AI score0.00729EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:30 p.m.5 views

CVE-2021-21253

OnlineVotingSystem is an open source project hosted on GitHub. OnlineVotingSystem before version 1.1.2 hashes user passwords without a salt, which is vulnerable to dictionary attacks. Therefore there is a threat of security breach in the voting system. Without a salt, it is much easier for...

5.8CVSS6.8AI score0.00736EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/01/28 10:30 a.m.17 views

How Long Does It Take Hackers to Crack Modern Hashing Algorithms?

While passwords remain the first line of defense for protecting user accounts against unauthorized access, the methods for creating strong passwords and protecting them are continually evolving. For example, NIST password recommendations are now prioritizing password length over complexity...

7.5AI score
Exploits0
RedHat Linux
RedHat Linux
added 2024/11/12 9:19 a.m.5 views

JWCrypto: denail of service Via specifically crafted JWE

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service DoS attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service...

5.3CVSS5.7AI score0.00884EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2024/11/07 12:0 p.m.52 views

A Hacker's Guide to Password Cracking

Defending your organization's security is like fortifying a castle—you need to understand where attackers will strike and how they'll try to breach your walls. And hackers are always searching for weaknesses, whether it's a lax password policy or a forgotten backdoor. To build a stronger defense,...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.437 views

Microsoft SQL Server SUSER_SNAME SQL Logins Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SUSERSNAME SQL Logins Enumeration', 'Description' = %q This module can be used to obtain a list of all logins from a SQL...

7.4AI score
Exploits0
Rows per page
Query Builder