CVE-2025-65831

The application uses an insecure hashing algorithm MD5 to hash passwords. If an attacker obtained a copy of these hashes, either through exploiting cloud services, performing TLS downgrade attacks on the traffic from a mobile device, or through another means, they may be able to crack the hash in...

PT-2025-50539

Name of the Vulnerable Software and Affected Versions Mobile Application affected versions not specified Description The application utilizes an insecure hashing algorithm, MD5, for password storage. An attacker obtaining password hashes—through methods like exploiting cloud services or performin...

Meatmeet Pro App 安全漏洞

Meatmeet Pro App is a meat product purchasing application from Meatmeet. A security vulnerability exists in Meatmeet Pro App version v1.1.2.0 that stems from the use of an insecure MD5 hash algorithm that could lead to credential cracking...

CVE-2025-65831

The application uses an insecure hashing algorithm MD5 to hash passwords. If an attacker obtained a copy of these hashes, either through exploiting cloud services, performing TLS downgrade attacks on the traffic from a mobile device, or through another means, they may be able to crack the hash in...

📄 Ilevia EVE X1/X5 Server 4.7.18.0.eden Insecure Hashing Algorithm

Ilevia EVE X1/X5 Server version 4.7.18.0.eden stores user passwords in the database using the MD5 hashing algorithm, which is considered cryptographically insecure due to its vulnerability to collision and brute-force attacks. MD5 lacks modern protections such as salting and computational hardnes...

Ilevia EVE X1/X5 Server 4.7.18.0.eden Insecure Hashing Algorithm

Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...

CVE-2025-34519

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden store user passwords with MD5 without per-password salt, enabling offline dictionary/rainbow-table/brute-force attacks on a breached database. Connected sources confirm this insecure hashing practice and indicate the vendor has declined to se...

EUVD-2018-7658

Malware in sbrugna...

EUVD-2019-9336

Malware in sbrugna...

EUVD-2006-4060

Malware in sbrugna...

EUVD-2025-25209

Malicious code in bioql PyPI...

EUVD-2024-21971

Malicious code in bioql PyPI...

CVE-2025-34208

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SAAS) uses unsalted SHA-512 and, fallback unsalted SHA-1, for password hashing via PHP hash() in multiple files (server_write_requests_users.php, update_database.php, legacy/Login.php, tests/Unit/Api/IdpControllerTest...

EzGED 安全漏洞

EzGED is an enterprise-level electronic document management system from the French company EzGED. A security vulnerability exists in EzGED version 3.5.0, which stems from an insecure password hashing scheme that could lead to password disclosure...

PT-2025-33748 · Ezged3 · Ezged3

Name of the Vulnerable Software and Affected Versions: EzGED3 versions 3.5.0 through 3.5.72.27183 Description: EzGED3 stores user passwords using an insecure hashing scheme: md5md5password. This hashing method is cryptographically weak, allowing attackers to perform efficient offline brute-force...

CVE-2025-51540

EzGED3 3.5.0 stores passwords using an insecure hashing chain md5(md5(password)) with no salt, enabling offline brute-force attacks if hashes are exposed. Affected versions include 3.5.0 through 3.5.72.27183. Vendor states fix in 3.5.72.27183. Remediation: upgrade to 3.5.72.27183 or later.

CVE-2024-56516

free-one-api allows users to access large language model reverse engineering libraries through the standard OpenAI API format. In versions up to and including 1.0.1, MD5 is used to hash passwords before sending them to the backend. MD5 is a cryptographically broken hashing algorithm and is no...

Emissary May Use a Broken or Risky Cryptographic Algorithm

Summary The ChecksumCalculator class within allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases e.g., SHA-1, CRC32, and SSDEEP. These algorithms, while possibly valid for certain...

CVE-2021-39182

EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hashing algorithm. The vulnerability is patched in v1.1.4 of t...

CVE-2024-8453

Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator privileges can read configuration files to obtain the hash values, and potentially crack them to retrieve the plaintext passwords...