EUVD-2025-32184

Malicious code in bioql PyPI...

EUVD-2025-4633

Malicious code in bioql PyPI...

Ubuntu: Security Advisory (USN-7778-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7778-1: sha.js vulnerability

Nikita Skovoroda discovered that sha.js did not properly handle certain inputs. An attacker could possibly use this issue to manipulate the internal state of hash functions, resulting in hash collisions, denial of service, or other unspecified impact...

MetaCPAN Apache::AuthAny::Cookie 安全漏洞

MetaCPAN Apache::AuthAny::Cookie is a Perl authentication module from the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN Apache::AuthAny::Cookie version 0.201 and earlier, which stems from the use of MD5 hash and rand functions to generate insecure session IDs, which could lead ...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : cipher-base vulnerability (USN-7746-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has a package installed that is affected by a vulnerability as referenced in the USN-7746-1 advisory. Nikita Skovoroda discovered that cipher-base did not properly manage certain inputs. An attacker could possibly use th...

Ubuntu: Security Advisory (USN-7746-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-55053

CWE-328: Use of Weak Hash...

CVE-2025-55053

CWE-328: Use of Weak Hash...

There is a NULL pointer dereference in hash() in yasm version 1.3.0

...

Linux Distros Unpatched Vulnerability : CVE-2020-22336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in pdfcrack 0.17 thru 0.18, allows attackers to execute arbitrary code via a stack overflow in the MD5 function. CVE-2020-22336 Note tha...

CVE-2025-9287

An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js createHash function result in invalid value calculations, hanging and rewinding the hash state, including turning a tagged hash into an untagged hash, for...

Malicious code in phi-orchestrate-cron-hash-function (npm)

The package phi-orchestrate-cron-hash-function was found to contain malicious code...

VulnCheck KEV: CVE-2025-48925

The TeleMessage service through 2025-05-05 relies on the client side e.g., the TM SGNL app to do MD5 hashing, and then accepts the hash as the authentication credential...

CVE-2022-29210

TensorFlow is an open source platform for machine learning. In version 2.8.0, the TensorKey hash function used total estimated AllocatedBytes, which a is an estimate per tensor, and b is a very poor hash function for constants e.g. int32t. It also tried to access individual tensor bytes through...

CVE-2021-32596

A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables...

CVE-2020-6838

In mruby 2.1.0, there is a use-after-free in hashvaluesat in mrbgems/mruby-hash-ext/src/hash-ext.c...

CVE-2019-25007

An issue was discovered in the streebog crate before 0.8.0 for Rust. The Streebog hash function can cause a panic...

CVE-2019-25006

An issue was discovered in the streebog crate before 0.8.0 for Rust. The Streebog hash function can produce the wrong answer...

Slice+Slice Baby: Generating Last-Level Cache Eviction Sets in the Blink of an Eye

An essential step for mounting cache attacks is finding eviction sets, collections of memory locations that contend on cache space. On Intel processors, one of the main challenges for identifying contending addresses is the sliced cache design, where the processor hashes the physical address to...