Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.12 views

Tridium Niagara Use of Password Hash With Insufficient Computational Effort (CVE-2025-3937)

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niaga...

9.8CVSS7.6AI score0.00316EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/05 9:54 p.m.3 views

Use of Password Hash With Insufficient Computational Effort

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Use of Password Hash With Insufficient Computational Effort due to the use of insufficient bcrypt salt rounds in the getHash function. An attacker can significantly reduce the time required to crack passwor...

5.6CVSS5.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/07 6:39 a.m.7 views

Use of password hash with insufficient computational effort vulnerability in BUFFALO Wi-Fi router "WSR-1800AX4 series"

Overview Wi-Fi router "WSR-1800AX4 series" provided by BUFFALO INC. contains the following vulnerability. Use of password hash with insufficient computational effort CWE-916 - CVE-2025-46413 Kazuaki Chikamori and Takayuki Tatekawa of National Institute of Technology, Kochi College reported this...

5.3CVSS5.3AI score0.00105EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/05/22 12:23 p.m.20 views

CVE-2025-3937 Use of Password Hash with Insufficient Computational Effort

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niaga...

7.7CVSS0.00316EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/16 9:31 p.m.8 views

CVE-2025-2349 IROAD Dash Cam FX2 Password Hash passwd weak password hash

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/passwd of the component Password Hash Handler. The manipulation leads to password hash with insufficient computational...

3.1CVSS4AI score0.00165EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/12/15 10:56 a.m.9 views

CVE-2024-7701

Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona-toolkit allows Encryption Brute Forcing.This issue affects percona-toolkit: 3.6.0...

7.5CVSS5.2AI score0.002EPSS
Exploits0
NVD
NVD
added 2024/06/11 3:16 p.m.25 views

CVE-2024-23111

An improper neutralization of input during web page Generation 'Cross-site Scripting' vulnerability CWE-79 in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged...

6.8CVSS0.01042EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/19 12:54 p.m.26 views

CVE-2022-47557 Use of Password Hash With Insufficient Computational Effort in Ormazabal products

Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to perform malicious actions...

6.1CVSS6.5AI score0.00115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/19 12:54 p.m.15 views

CVE-2022-47557 Use of Password Hash With Insufficient Computational Effort in Ormazabal products

Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to perform malicious actions...

6.1CVSS7AI score0.00115EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.19 views

Siemens Desigo PXC and DXR Devices Use of Password Hash with Insufficient Computational Effort (CVE-2022-24041)

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application stores the PBKDF2 derived key of users passwords with a low...

6.5CVSS6.4AI score0.0044EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.13 views

Siemens SICAM MMU, SICAM T, and SICAM SGU Use of Password Hash with Insufficient Computational Effort (CVE-2020-10040)

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with local access to the device might be able to retrieve some passwords in clear text. This plugin only works with Tenable.ot. Please visit...

5.5CVSS5.6AI score0.00195EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/11/08 2:15 p.m.40 views

CVE-2021-39182 Use of Password Hash With Insufficient Computational Effort and Use of a Broken or Risky Cryptographic Algorithm and Reversible One-Way Hash in hashing.py

EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hashing algorithm. The vulnerability is patched in v1.1.4 of t...

7.5CVSS7.7AI score0.00544EPSS
Exploits1References2
ICS
ICS
added 2021/08/19 12:0 a.m.64 views

Baker Hughes Bently Nevada 3500

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Bently Nevada, a Baker Hughes subsidiary Equipment: 3500 Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. REPOSTED INFORMATION This advisory was originally posted to the...

8.2CVSS8.1AI score0.00306EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.24 views

Rockwellautomation Factorytalk Use of Password Hash With Insufficient Computational Effort

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly. File data ot500427.nasl...

7.5CVSS3.2AI score0.04095EPSS
Exploits0References2
CVE
CVE
added 2021/05/26 7:20 p.m.61 views

CVE-2021-22741

CVE-2021-22741 affects Schneider Electric ClearSCADA and EcoStruxure Geo SCADA Expert (2019 all versions; 2020 up to v83.7742.1). The issue is a Password Hash with Insufficient Computational Effort, which could allow an attacker with access to server database files to decrypt or reveal user crede...

6.7CVSS6.6AI score0.00166EPSS
Exploits0References1Affected Software3
Prion
Prion
added 2021/01/26 6:16 p.m.13 views

Default credentials

Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by...

4CVSS5.2AI score0.00561EPSS
Exploits0References1Affected Software2
ICS
ICS
added 2018/07/31 12:0 a.m.41 views

Davolink DVW-3200N

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Davolink Equipment: DVW-3200N Vulnerability: Use of Password Hash With Insufficient Computational Effort 2. RISK EVALUATION Successful exploitation of this vulnerability may result in a remote...

9.8CVSS10AI score0.10123EPSS
Exploits1References5
Rows per page
Query Builder