CVE-2024-23589 HCL Glovius Cloud is susceptible to an Outdated Hash Algorithm vulnerability

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...

CVE-2024-23589

CVE-2024-23589 concerns HCL Glovius Cloud. The root cause is an outdated hashing algorithm that could allow attackers to guess input data via brute-force or dictionary attacks using GPUs/ASICs. Documented impact per CVSS metrics is high for confidentiality, integrity, and availability, with adjac...

PT-2025-23314 · Hcl · Hcl Glovius Cloud

Name of the Vulnerable Software and Affected Versions: HCL Glovius Cloud affected versions not specified Description: The issue is related to an outdated Hash algorithm used in HCL Glovius Cloud, which could allow attackers to efficiently guess input data using brute-force or dictionary attacks,...

CVE-2024-29886

Serverpod is an app and web server, built for the Flutter and Dart ecosystem. An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised. This vulnerability is fixed by 1.2.6...

CVE-2024-56414

Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 Windows before build 39169...

CVE-2023-28386

Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the firmware and does not check using a private-public key mechanism. The lack of complete PKI system firmware signature could allow attackers to upload arbitrar...

CVE-2023-0452

Econolite EOS versions prior to 3.2.23 use a weak hash algorithm for encrypting privileged user credentials. A configuration file that is accessible without authentication uses MD5 hashes for encrypting credentials, including those of administrators and technicians...

UBUNTU-CVE-2022-49627

In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in imainitcrypto On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing the imaalgoarray. Add the missing kfree for imaalgoarray to avoid the potential memory leak...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from imainitcrypto not freeing imaalgoarray when the allocation of a SHA1 tfm fails, which could lead to a memory...

CVE-2020-5229

Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is problematic especially...

CVE-2024-56414

Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 Windows before build 39169...

CVE-2024-56414

The CVE-2024-56414 entry describes a vulnerability in Acronis Cyber Protect 16 for Windows prior to build 39169, where the web installer integrity check uses a weak hash algorithm. Affected product/version: Acronis Cyber Protect 16 (Windows) before build 39169. Impact and exploit details are not ...

CVE-2024-56414

Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 Windows before build 39169...

SUSE CVE-2024-55885

beego is an open-source web framework for the Go programming language. Versions of beego prior to 2.3.4 use MD5 as a hashing algorithm. MD5 is no longer considered secure against well-funded opponents due to its vulnerability to collision attacks. Version 2.3.4 replaces MD5 with SHA256...

UBUNTU-CVE-2024-53106

In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in imaeventdigestinitcommon Function imaeventdigestinit calls imaeventdigestinitcommon with HASHALGOLAST which is then used to access the array hashdigestsize leading to buffer overrun. Have a conditional...

CVE-2024-53106 ima: fix buffer overrun in ima_eventdigest_init_common

In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in imaeventdigestinitcommon Function imaeventdigestinit calls imaeventdigestinitcommon with HASHALGOLAST which is then used to access the array hashdigestsize leading to buffer overrun. Have a conditional...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a buffer overflow due to the use of HASHALGOLAST in the imaeventdigestinitcommon function in the ima...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud has a security vulnerability that stems from an MD5 hash being used to check the uniqueness of background jobs. This increases the likelihood tha...

Bludit Security Breach

Bludit is an open source, lightweight blog content management system CMS. A security vulnerability exists in Bludit that stems from the use of the SHA-1 hash algorithm to calculate password hashes, which can be brute-force attacked by an attacker to determine plaintext passwords...

Vulnerabilities in BIG-IP Next Central Manager allows control of managed devices

Introduction In May 2024, new vulnerabilities have been identified in BIG-IP Next Central Manager, raising considerable security concerns. This discovery follows closely on the heels of a critical vulnerability revealed in April within Palo Alto's firewalls with enabled GlobalProtect feature, whi...