Lucene search
K

16 matches found

CVE
CVE
added 2026/07/01 7:52 a.m.16 views

CVE-2026-10540

CVE-2026-10540 affects Control-M/Enterprise Manager (unsupported versions 9.0.20.x and potentially earlier). The vulnerability stems from weak protections for stored password hashes, potentially allowing offline password recovery if credential data is obtained. The CVSS metrics indicate a Local a...

5.6CVSS5.8AI score0.00078EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/08 2:45 a.m.9 views

CVE-2026-11481 yoanbernabeu grepai Postgres Embedding Cache chunker.go PostgresStore.LookupByContentHash weak hash

A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the function PostgresStore.LookupByContentHash of the file indexer/chunker.go of the component Postgres Embedding Cache. Executing a manipulation of the argument contenthash can lead to use of weak hash. T...

2.5CVSS4.5AI score0.00082EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/03/09 8:17 a.m.4 views

CVE-2025-41762 Secret leak with wwwdnload.cgi

An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates...

6.2CVSS5.8AI score0.00079EPSS
Exploits0References1
CVE
CVE
added 2026/03/09 8:17 a.m.10 views

CVE-2025-41762

CVE-2025-41762 describes an unauthenticated attacker exploiting a weak hash in the backup generated by the wwwdnload.cgi endpoint to gain access to sensitive data (e.g., password hashes and certificates). The described attack vector is local, with no user interaction required and no privileges re...

6.2CVSS5.8AI score0.00079EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.7 views

MBS多款产品 安全漏洞

MBS UBR-01 Mk II, etc., are products of the German MBS company. The MBS UBR-01 Mk II is a remote base station device. The MBS UBR-02 is also a remote base station device. The MBS UBR-LON is a communication interface device for industrial automation systems. Several MBS products have security...

6.2CVSS5.9AI score0.00079EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/05 3:41 p.m.8 views

CVE-2026-30789 RustDesk Auth Proof Uses Server-Controlled Salt/Challenge and Fast Double-SHA256, Enabling Offline Brute-Force

Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Client login, peer authentication modules allows Password Brute Forcing. T...

5.7CVSS5.9AI score0.00269EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-7701

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona-toolkit allows Encryption Brute Forcing.This issue affects...

7.5CVSS5.8AI score0.002EPSS
Exploits0References3
OSV
OSV
added 2025/05/22 1:15 p.m.7 views

CVE-2025-3937

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niaga...

9.8CVSS5.8AI score0.00316EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/14 12:0 a.m.4 views

SICK DL100-2xxxxxxx 安全漏洞

The SICK DL100-2xxxxxxxxx is a series of sensors from SICK, Germany. A security vulnerability exists in the SICK DL100-2xxxxxxxxx that stems from the use of a weak hash algorithm to generate a password hash, which could lead to an attacker easily calculating a matching password...

9.8CVSS6.7AI score0.00518EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/06/11 12:0 a.m.6 views

PT-2024-4152 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions prior to 7.4.4 FortiOS version 7.2 and earlier FortiOS version 7.0 and earlier FortiOS version 6.4 and earlier FortiProxy versions prior to 7.4.3 FortiProxy version 7.2 and earlier FortiProxy version 7.0 and earlier FortiProx...

4.4CVSS6.9AI score0.03469EPSS
Exploits1References5
OSV
OSV
added 2021/07/07 2:15 p.m.5 views

CVE-2021-32519

Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to recover the plain-text password by brute-forcing the MD5 hash. The referred vulnerability has been solved with the updated version of QSAN Storage Manager...

7.5CVSS5.8AI score0.00851EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.77 views

WordPress 4.7.x < 4.7.7 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...

9.8CVSS8.3AI score0.10357EPSS
Exploits1References6
CNVD
CNVD
added 2017/05/12 12:0 a.m.4 views

NetIQ iManager and NetIQ eDirectory MD5 Hash Algorithm Vulnerabilities

NetIQ iManager and NetIQ eDirectory are both products of the American company NetIQ formerly Novell. The former is a WEB-based application that can manage and configure eDirectory objects using wireless devices. The latter is an identity management infrastructure platform that combines identity...

7.5CVSS6.9AI score0.00646EPSS
Exploits0References1
CNVD
CNVD
added 2016/06/01 12:0 a.m.30 views

ABB PCM600 Password Hash Vulnerability

The ABB PCM600 is a protection and control IED manager, primarily used in the energy industry. The master application password in the ABB PCM600 ACTConfig configuration file uses a weak hash function. A local attacker could exploit this vulnerability to access the affected device...

2.8CVSS6.7AI score0.00304EPSS
Exploits0References1
CNVD
CNVD
added 2015/04/02 12:0 a.m.3 views

Inductive Automation Ignition Brute Force Vulnerability

Ignition is an updated version of FactoryPMI, the HMI/SCADA product offered by Inductive Automation. Ignition suffers from a security vulnerability in the hash algorithm MD5 in use, which can lead to brute force attacks on database storage accounts...

5CVSS6.8AI score0.01116EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2002/10/15 12:0 a.m.30 views

Ingenium Learning Management System 5.1/6.1 - Reversible Password Hash

source: https://www.securityfocus.com/bid/5970/info Ingenium Learning Management System uses a weak algorithm to hash user and administrative credentials. Passwords may be trivially obtained by reversing the password hash. An attacker must be able to gain unauthorized access to the password hashe...

7.4AI score
Exploits0
Rows per page
Query Builder