CVE-2024-34914

php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a weak hashing algorithm for its rememberkey value. This allows attackers to bruteforce to bruteforce the rememberkey value to gain access to accounts that have checked "remember me" when logging in...

CVE-2024-34914

php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a weak hashing algorithm for its rememberkey value. This allows attackers to bruteforce to bruteforce the rememberkey value to gain access to accounts that have checked "remember me" when logging in...

Weak Cryptographic Hash

Liferay Portal is vulnerable to Weak Cryptographic Hash. The vulnerability exists due to the default password hashing algorithm PBKDF2-HMAC-SHA1 having a low work factor in the Liferay Portal. It allows attackers to crack password hashes quickly, potentially compromising user accounts and gaining...

CVE-2024-2365

A vulnerability classified as problematic was found in Musicshelf 1.0/1.1 on Android. Affected by this vulnerability is an unknown functionality of the file io\fabric\sdk\android\services\network\PinningTrustManager.java of the component SHA-1 Handler. The manipulation leads to password hash with...

PT-2024-2192 · Unknown · Usb Pratirodh

Name of the Vulnerable Software and Affected Versions: USB Pratirodh affected versions not specified Description: This issue is related to the use of a weaker cryptographic algorithm, specifically SHA1, in the user login component. A local attacker with administrative privileges could exploit thi...

Default credentials

The default password hashing algorithm PBKDF2-HMAC-SHA1 in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions defaults to a low work factor, which allows attackers...

Design/Logic Flaw

Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device...

CVE-2024-1040

CVE-2024-1040 affects Gessler GmbH WEB-MASTER, specifically version 7.9, where user passwords are stored using a weak hashing algorithm. The weakness allows an attacker to restore passwords by breaking the stored hashes (confirmed by multiple sources in connected documents). This vulnerability ha...

Weak Hashing Algorithm

bsock is vulnerable to a Weak Hashing Algorithm. The vulnerable is due to the libraries usage of weak hashing algorithm MD5, SHA1 within vendor\faye-websocket.js. This could allow an attacker to break the confidentiality of the websocket communication...

CVE-2023-24047

An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via use of weak hashing algorithm...

CVE-2023-24047

An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via use of weak hashing algorithm...

Design/Logic Flaw

An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via use of weak hashing algorithm...

CVE-2023-24047

An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via use of weak hashing algorithm...

CVE-2023-24047

Technical details for CVE-2023-24047 are not publicly available in the provided documents. Monitor for updates.

CVE-2023-24047

An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via use of weak hashing algorithm...

Weak Encryption

Crypto-es is vulnerable to Insecure Hashing Algorithm. The vulnerability is present because the library uses the cryptographically weak sha1 algorithm by default. This weakness allows an attacker to potentially forge data, certificates, or digital signatures, which could lead to unauthorized acce...

CVE-2020-36724

The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hashhmac function and the use of a loose comparison on the hash which allows an attacker to trick the functio...

CVE-2023-26855

The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers to use precomputed hash tables or dictionary attacks to crack the hashed passwords...

CVE-2023-26855

The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers to use precomputed hash tables or dictionary attacks to crack the hashed passwords...

Design/Logic Flaw

The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers to use precomputed hash tables or dictionary attacks to crack the hashed passwords...