5 matches found
CVE-2026-8881
The CVE-2026-8881 entry affects the Securly Chrome Extension (version 3.0.7). It relies on EVP_BytesToKey with MD5 and a single iteration for AES encryption. The description notes that MD5 has been broken since 2004 and a single iteration provides no key stretching, which weakens the cryptographi...
CVE-2025-55053
CWE-328: Use of Weak Hash...
CVE-2025-55053
CWE-328: Use of Weak Hash...
The vulnerability in the software installation tool of Acronis Cyber Protect 16 allows a perpetrator to compromise the integrity of the protected information.
The vulnerability in the Acronis Cyber Protect 16 software installation tool is related to the use of an algorithm whose security requirements are not met for the hash function. Exploiting this vulnerability could allow a attacker to compromise the integrity of the protected information...
freeradius: forgery attack
A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...