CVE-2021-22309

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions...

CVE-2025-65831

The application uses an insecure hashing algorithm MD5 to hash passwords. If an attacker obtained a copy of these hashes, either through exploiting cloud services, performing TLS downgrade attacks on the traffic from a mobile device, or through another means, they may be able to crack the hash in...

DELL PowerScale OneFS Encryption Issue Vulnerability

DELL PowerScale OneFS is Dell's horizontally scalable clustered file system designed to manage unstructured data and support enterprise-class storage capabilities. DELL PowerScale OneFS suffers from an encryption issue vulnerability that stems from the use of an insecure encryption algorithm, whi...

EUVD-2020-3420

Malware in sbrugna...

EUVD-2019-19219

Malware in sbrugna...

EUVD-2022-35324

Malicious code in bioql PyPI...

EUVD-2023-53261

Malicious code in bioql PyPI...

EUVD-2024-24402

Malicious code in bioql PyPI...

CVE-2024-38883

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation...

CVE-2022-30111

Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers to unlock the mechanism via replay attacks...

GHSA-HRMX-8JJV-G758 Navidrome uses MD5 hashing algorithm

Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information...

CVE-2024-27161

all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other vulnerabilities and difficult t...

CVE-2024-27161 Hardcoded password used to encrypt files

all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other vulnerabilities and difficult t...

CVE-2024-27161

CVE-2024-27161 concerns Toshiba multifunction printers (MFPs) with programs containing a hardcoded key used to encrypt files. The root cause is the use of a hardcoded credential and insecure encryption, allowing an attacker who can access the device to decrypt stored/files by using that key. Seve...

CVE-2024-5684 ID Charger Connect & Pro - JWT-Null-Algorithm

An attacker with access to the private network the charger is connected to or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would...

CVE-2023-43635

Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...

Code injection

The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure encryption algorithm...

CVE-2023-28006

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure...

Theonedev Onedev 安全特征问题漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev A security signature iss...

CVE-2022-45782

An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A cryptographically insecure random generation algorithm for password-reset token generation leads to account takeover...