67 matches found
EUVD-2014-8083
Malware in sbrugna...
EUVD-2011-3153
Malware in sbrugna...
EUVD-2009-2958
Malware in sbrugna...
EUVD-2025-22853
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2014-8242
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...
CVE-2025-8260
A security flaw has been discovered in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. This affects an unknown part of the file /grid/vgridserver.php of the component Web interface. Performing a manipulation of the argument xajaxargs results in use of weak hash. The attack is possible to be carried out...
CVE-2025-8260
A vulnerability has been found in Vaelsys 4.1.0 and classified as problematic. This vulnerability affects unknown code of the file /grid/vgridserver.php of the component MD4 Hash Handler. The manipulation of the argument xajaxargs leads to use of weak hash. The attack can be initiated remotely. T...
CVE-2025-8260 Vaelsys VaelsysV4 Web interface vgrid_server.php weak hash
A security flaw has been discovered in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. This affects an unknown part of the file /grid/vgridserver.php of the component Web interface. Performing a manipulation of the argument xajaxargs results in use of weak hash. The attack is possible to be carried out...
PT-2025-31050 · Unknown · Vaelsys 4.1.0
Name of the Vulnerable Software and Affected Versions: Vaelsys version 4.1.0 Description: A vulnerability has been found in Vaelsys 4.1.0 and classified as problematic. This vulnerability affects unknown code of the file /grid/vgrid_server.php of the component MD4 Hash Handler. The manipulation o...
krb5 security update
1.21.1-8.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-9 - Do not block HMAC-MD4/5 in FIPS mode Resolves: RHEL-88704 - Don't issue RC4 session keys by default CVE-2025-3576 Resolves: RHEL-88048 - Add PKINIT paChecksum2 from MS-PKCA v20230920 Resolves: RHEL-82647 1.21.1-7 -...
Fedora 43 : krb5 (2025-1c915db8a5)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-1c915db8a5 advisory. Automatic update for krb5-1.21.3-6.fc43. Changelog Wed Jun 4 2025 Julien Rische - 1.21.3-6 - Do not block HMAC-MD4/5 in FIPS mode Resolves: rhbz2370259 -...
krb5 security update
1.18.2-32.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-32 - Do not block HMAC-MD4/5 in FIPS mode Resolves: RHEL-86786 - Don't issue RC4 session keys by default CVE-2025-3576 Resolves: RHEL-88049 - Add PKINIT paChecksum2 from MS-PKCA v20230920 Resolves: RHEL-82648...
Netlogon Weak Cryptographic Authentication
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' class MetasploitModule 'Netlogon Weak Cryptographic Authentication', 'Description' = %q A vulnerability exists within the Netlogon authentication...
Windows Kerberos RC4 MD4 Encryption Downgrade Privilege Escalation Vulnerability
Windows: Kerberos RC4 MD4 Encryption Downgrade EoP Platform: Windows 10+ Class: Elevation of Privilege Security Boundary: User Summary: The KDC allows an interposing attacker to downgrade to RC4 MD4 encryption in compromising the user's TGT session key resulting in EoP. NOTE: I tried to look if...
Exploit for CVE-2022-31749
CVE-2022-31749 by 1vere$k Simple PoC-checker for CVE-2022-3174...
Decoder++ - An Extensible Application For Penetration Testers And Software Developers To Decode/Encode Data Into Various Formats
An extensible application for penetration testers and software developers to decode/encode data into various formats. Setup Decoder++ can be either installed by using pip or by pulling the source from this repository: Install using pip pip3 install decoder-plus-plus Overview This section provides...
Spoofing Attack
nspr is vulnerable to spoofing attacks. Dan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be...
Security Bulletin: IBM QRadar SIEM uses broken or risky cryptographic algorithms (CVE-2016-2879)
Summary The software uses an outdated insecure cipher or it is using a proprietary crypto standard which is likely to be vulnerable. Outdated/broken algorithms are MD4, MD5, SHA1, DES, ECB, RC4, Export ciphers, SSLv2, SSLv3, DH using keys less than 1024 Vulnerability Details CVEID: CVE-2016-2879...
Hashcat v4.0 - World's Fastest and Most Advanced Password Recovery Utility
hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable...