CVE-2022-45782

An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A cryptographically insecure random generation algorithm for password-reset token generation leads to account takeover...

CVE-2022-29965

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface 23/TCP on M-series and SIS CSLS/LSNB/LSNG nodes is controlled by means of utility passwords. These passwords are...

Code injection

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface 23/TCP on M-series and SIS CSLS/LSNB/LSNG nodes is controlled by means of utility passwords. These passwords are...

CVE-2022-30111

Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers to unlock the mechanism via replay attacks...

Design/Logic Flaw

Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers to unlock the mechanism via replay attacks...

CVE-2022-30111

CVE-2022-30111 affects MCK Smartlock 1.0 due to an insecure rolling-code algorithm that enables replay attacks to unlock the mechanism. The vulnerability arises from the rolling-code design, allowing an attacker with physical access to replay codes and compromise authentication. In the NVD entry,...

CVE-2022-30111

Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers to unlock the mechanism via replay attacks...

Improper hashing in enrocrypt

Impact The vulnerability is we used MD5 hashing Algorithm In our hashing file. If anyone who is a beginnerand doesn't know about hashes can face problems as MD5 is considered a Insecure Hashing Algorithm. Patches The vulnerability is patched in v1.1.4 of the product, the users can upgrade to...

GHSA-35M5-8CVJ-8783 Improper hashing in enrocrypt

Impact The vulnerability is we used MD5 hashing Algorithm In our hashing file. If anyone who is a beginnerand doesn't know about hashes can face problems as MD5 is considered a Insecure Hashing Algorithm. Patches The vulnerability is patched in v1.1.4 of the product, the users can upgrade to...

Huawei Data Communication: SSL is configured with an insecure algorithm

If the cipher-suite-list command contains insecure algorithms, the service that references this rule has security risks. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2021-27200

In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day...

CVE-2021-22309

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions...

Design/Logic Flaw

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions...

CVE-2021-22309

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions...

CVE-2021-22309

CVE-2021-22309 affects Huawei USG firewall products (USG9500, USG9520, USG9560, USG9580) with specific V500R001C30SPC200/ V500R001C60SPC500/ V500R005C00SPC200 for USG9500; USG9520 V500R005C00; USG9560 V500R005C00; USG9580 V500R005C00. Root cause is an insecure algorithm caused by using less rando...

Security Advisory - Information Leakage Vulnerability in Huawei Products

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Vulnerability ID: HWPSIRT-2020-74955 This vulnerability ha...

FreeBSD : glpi -- weak csrf tokens (b64edef7-3b10-11eb-af2a-080027dbe4b7)

MITRE Corporation reports : In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6. C Tenable Network Security, Inc. The...

CVE-2020-11035

In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6...

CVE-2020-11035

In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6...

CVE-2020-11035 weak CSRF tokens in GLPI

In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6...