16 matches found
CVE-2026-10540
CVE-2026-10540 affects Control-M/Enterprise Manager (unsupported versions 9.0.20.x and potentially earlier). The vulnerability stems from weak protections for stored password hashes, potentially allowing offline password recovery if credential data is obtained. The CVSS metrics indicate a Local a...
CVE-2026-11481 yoanbernabeu grepai Postgres Embedding Cache chunker.go PostgresStore.LookupByContentHash weak hash
A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the function PostgresStore.LookupByContentHash of the file indexer/chunker.go of the component Postgres Embedding Cache. Executing a manipulation of the argument contenthash can lead to use of weak hash. T...
CVE-2025-41762 Secret leak with wwwdnload.cgi
An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates...
CVE-2025-41762
CVE-2025-41762 describes an unauthenticated attacker exploiting a weak hash in the backup generated by the wwwdnload.cgi endpoint to gain access to sensitive data (e.g., password hashes and certificates). The described attack vector is local, with no user interaction required and no privileges re...
MBS多款产品 安全漏洞
MBS UBR-01 Mk II, etc., are products of the German MBS company. The MBS UBR-01 Mk II is a remote base station device. The MBS UBR-02 is also a remote base station device. The MBS UBR-LON is a communication interface device for industrial automation systems. Several MBS products have security...
CVE-2026-30789 RustDesk Auth Proof Uses Server-Controlled Salt/Challenge and Fast Double-SHA256, Enabling Offline Brute-Force
Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Client login, peer authentication modules allows Password Brute Forcing. T...
Linux Distros Unpatched Vulnerability : CVE-2024-7701
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona-toolkit allows Encryption Brute Forcing.This issue affects...
CVE-2025-3937
Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niaga...
SICK DL100-2xxxxxxx 安全漏洞
The SICK DL100-2xxxxxxxxx is a series of sensors from SICK, Germany. A security vulnerability exists in the SICK DL100-2xxxxxxxxx that stems from the use of a weak hash algorithm to generate a password hash, which could lead to an attacker easily calculating a matching password...
PT-2024-4152 · Fortinet · Fortiproxy +1
Name of the Vulnerable Software and Affected Versions: FortiOS versions prior to 7.4.4 FortiOS version 7.2 and earlier FortiOS version 7.0 and earlier FortiOS version 6.4 and earlier FortiProxy versions prior to 7.4.3 FortiProxy version 7.2 and earlier FortiProxy version 7.0 and earlier FortiProx...
CVE-2021-32519
Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to recover the plain-text password by brute-forcing the MD5 hash. The referred vulnerability has been solved with the updated version of QSAN Storage Manager...
WordPress 4.7.x < 4.7.7 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
NetIQ iManager and NetIQ eDirectory MD5 Hash Algorithm Vulnerabilities
NetIQ iManager and NetIQ eDirectory are both products of the American company NetIQ formerly Novell. The former is a WEB-based application that can manage and configure eDirectory objects using wireless devices. The latter is an identity management infrastructure platform that combines identity...
ABB PCM600 Password Hash Vulnerability
The ABB PCM600 is a protection and control IED manager, primarily used in the energy industry. The master application password in the ABB PCM600 ACTConfig configuration file uses a weak hash function. A local attacker could exploit this vulnerability to access the affected device...
Inductive Automation Ignition Brute Force Vulnerability
Ignition is an updated version of FactoryPMI, the HMI/SCADA product offered by Inductive Automation. Ignition suffers from a security vulnerability in the hash algorithm MD5 in use, which can lead to brute force attacks on database storage accounts...
Ingenium Learning Management System 5.1/6.1 - Reversible Password Hash
source: https://www.securityfocus.com/bid/5970/info Ingenium Learning Management System uses a weak algorithm to hash user and administrative credentials. Passwords may be trivially obtained by reversing the password hash. An attacker must be able to gain unauthorized access to the password hashe...