EUVD-2024-21084

Malicious code in bioql PyPI...

EUVD-2023-38510

Malicious code in bioql PyPI...

EUVD-2025-26519

Malicious code in bioql PyPI...

CVE-2025-59745

Vulnerability in the cryptographic algorithm of AndSoft's e-TMS v25.03, which uses MD5 to encrypt passwords. MD5 is a cryptographically vulnerable hash algorithm and is no longer considered secure for storing or transmitting passwords. It is vulnerable to collision attacks and can be easily crack...

CVE-2025-59745 Multiple vulnerabilities in AndSoft's e-TMS

Vulnerability in the cryptographic algorithm of AndSoft's e-TMS v25.03, which uses MD5 to encrypt passwords. MD5 is a cryptographically vulnerable hash algorithm and is no longer considered secure for storing or transmitting passwords. It is vulnerable to collision attacks and can be easily crack...

CVE-2025-55053

CVE-2025-55053 is a CWE-328 weak-hash issue. Connected sources indicate Baicells devices (NOVA430e/430i, NOVA436Q, NEUTRINO430, NOVA846) are affected, with the vulnerability stemming from weak hashing that could bypass security features. There is no explicit product/version-specific fix details i...

PT-2025-36927

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The issue involves the use of a weak hash. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

CVE-2025-9309 Tenda AC10 MD5 Hash shadow hard-coded credentials

A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etcro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the...

PT-2025-34251 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 version 16.03.10.13 Description: A vulnerability exists in the MD5 Hash Handler component of Tenda AC10. The issue affects an unknown function within the /etc ro/shadow file. Manipulation of this function results in the exposure of...

SUSE SLES15 Security Update : kernel (Live Patch 11 for SLE 15 SP6) (SUSE-SU-2025:02926-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02926-1 advisory. This update for the Linux Kernel 6.4.0-1506002350 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: core:...

SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP7) (SUSE-SU-2025:02858-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02858-1 advisory. This update for the Linux Kernel 6.4.0-1507005 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: core: do...

UBUNTU-CVE-2025-40923

Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...

Use of a Broken or Risky Cryptographic Algorithm

Overview hydrolib-core is a Python wrappers around D-HYDRO Suite. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the use of the MD5 hash algorithm in security-sensitive contexts. An attacker can exploit this vulnerability to trigger securi...

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: Update to version 20250416.02 bsc1244304, bsc1244503 defaultSleeper: tolerate 10% difference to reduce test flakiness Add output of some packagemanagers to the testdata from version 20250416.01 Refactor OS Info package from version...

CVE-2025-41256

CVE-2025-41256 affects Cyberduck (through 9.1.6) and Mountain Duck (through 4.17.5) due to improper TLS certificate pinning for untrusted certificates, with fingerprint storage using SHA-1. This creates a high-severity risk (CVSSv3: 7.4, High) for network-based situations where self-signed or unt...

CVE-2025-41256 Cyberduck and Mountain Duck - Weak Hash Algorithm for Certificate Fingerprint

Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates e.g., self-signed, since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak. This issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5...

CVE-2025-41256 Cyberduck and Mountain Duck - Weak Hash Algorithm for Certificate Fingerprint

Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates e.g., self-signed, since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak. This issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5...

CVE-2024-23589

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...

CVE-2024-23589

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...

CVE-2024-23589 HCL Glovius Cloud is susceptible to an Outdated Hash Algorithm vulnerability

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...