7 matches found

OSV
added 2025/04/04 4:6 p.m., 8 views

GHSA-2FRX-2596-X5R6 gitoxide does not detect SHA-1 collision attacks

Summary: gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. Details: gitoxide uses the sha1smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct G...

CVSS 6.8, AI score 6.6, EPSS 0.0002
Exploits: 0, References: 5
OSV
added 2025/04/04 2:41 p.m., 7 views

CVE-2025-31130 gitoxide does not detect SHA-1 collision attacks

gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1smol or sha1 crate, both of which implement standard SHA-1 without any mitigations...

CVSS 6.8, AI score 6.5, EPSS 0.0002
Exploits: 0, References: 4
Prion
added 2018/04/18 8:29 p.m., 18 views

Code injection

Vulnerable hash algorithms exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks...

CVSS 5, AI score 9.5, EPSS 0.00247
Exploits: 0, References: 3
Cvelist
added 2018/04/18 8:0 p.m., 15 views

CVE-2018-7242

Vulnerable hash algorithms exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks...

AI score 9.6, EPSS 0.00247
Exploits: 0, References: 3
OSV
added 2011/02/10 6:0 p.m., 3 views

CVE-2011-0539

The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...

AI score 6.6
Exploits: 0, References: 11
UbuntuCve
added 2011/02/10 6:0 p.m., 28 views

CVE-2011-0539

The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...

CVSS 7.5, AI score 7.1, EPSS 0.02075
Exploits: 0, References: 2
Prion
added 2011/02/10 6:0 p.m., 17 views

Design/Logic Flaw

The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...

CVSS 5, AI score 6.9, EPSS 0.02075
Exploits: 0, References: 10, Affected Software: 1