Lucene search
K

5808 matches found

Nuclei
Nuclei
added yesterday162 views

Tenda AC1200 V-W15Ev2 - Authentication Bypass

The Tenda AC1200 V-W15Ev2 router is affected by improper authorization/improper session management. The software does not perform or incorrectly perform an authorization check when a user attempts to access a resource or perform an action. This allows the router's login page to be bypassed. The...

4.9CVSS6.2AI score0.28802EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday111 views

WordPress Redux Framework <=4.2.11 - Information Disclosure

WordPress Redux Framework plugin through 4.2.11 is susceptible to information disclosure. The plugin registers several unique AJAX actions available to unauthenticated users in the includes function in redux-core/class-redux-core.php. These are predictable, given that they are based on an md5 has...

5.3CVSS6.2AI score0.28961EPSS
Exploits6References5
OPENSUSE Linux
OPENSUSE Linux
added 3 days ago4 views

Security update for perl-CGI-Session (moderate)

openSUSE Security Update: Security update for perl-CGI-Session Announcement ID: openSUSE-SU-2026:0240-1 Rating: moderate References: 1269983 Cross-References: CVE-2026-56016 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description: This...

5.9CVSS6.1AI score0.00322EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-41879

R-SOFT DMS stores superadmin credentials using a non-salted nested MD5 hash. This allows an attacker who obtain password hash to decode superadmin credentials. Critically, this password cannot be changed except by modifying the configuration file. This issue was fixed in version v3.17-2000...

8.2CVSS0.00269EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago37 views

CVE-2026-41879 Weak password hashing in R-SOFT DMS

R-SOFT DMS stores superadmin credentials using a non-salted nested MD5 hash. This allows an attacker who obtain password hash to decode superadmin credentials. Critically, this password cannot be changed except by modifying the configuration file. This issue was fixed in version v3.17-2000...

8.2CVSS0.00269EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 5 days ago9 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-2595)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Input: alps - fix use-after-free bugs caused by dev3registerworkCVE-2025-68822 ext4: reject mount if bigalloc with sfirstdatablock !=...

9.8CVSS6.9AI score0.0138EPSS
Exploits15References167
NVD
NVD
added 2026/07/07 12:16 a.m.11 views

CVE-2026-53648

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.1, downloadable product files are stored using a deterministic filename-derived path. When an administrator uploads a file for a downloadable product, FOSSBilling stores the file as md5 under the uploads...

5.1CVSS0.00264EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 8:16 a.m.9 views

CVE-2026-56016

CGI::Session::ID::md5 versions before 4.49 for Perl generate predictable session ids from low-entropy sources. The generateid method builds the session id from a MD5 digest of the process id, the epoch time, and the built-in rand function. All three are predictable, low-entropy sources: the PID i...

5.9CVSS0.00322EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 6:46 a.m.23 views

CVE-2026-56016

CVE-2026-56016 (CGI::Session::ID::md5) affects Perl CGI::Session versions before 4.49. The vulnerable code path uses generate_id to build a session id from a MD5 digest of the process ID, epoch time, and rand(), all low-entropy/predictable sources. This enables an attacker to predict session IDs ...

5.9CVSS5.8AI score0.00322EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/01 6:40 a.m.6 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS6.6AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 1:11 p.m.11 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

8.8CVSS7AI score0.00668EPSS
Exploits0References5
CVE
CVE
added 2026/06/30 11:20 a.m.10 views

CVE-2026-53692

CVE-2026-53692 affects Redeight CMS v1.0. The root cause is storing passwords with MD5 without a salt, a cryptographically broken hash, allowing attackers who obtain password hashes to reverse them via rainbow tables and expose plaintext credentials. The Connected CVE records confirm this in Rede...

5.9CVSS5.8AI score0.00399EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/30 9:4 a.m.11 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
Mageia
Mageia
added 2026/06/27 5:16 p.m.10 views

Updated krb5 packages fix security vulnerabilities

CVE-2025-3576, A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity...

7.5CVSS5.8AI score0.00501EPSS
Exploits2References6
CVE
CVE
added 2026/06/25 8:38 p.m.22 views

CVE-2026-6412

Technical details about CVE-2026-6412 are not publicly available in the provided documents. Monitor for updates from the cited sources (WolfSSL, NVD, Debian tracker, CVE List, OSV, EUVD, etc.).

4.3CVSS5.8AI score0.00074EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/25 12:30 p.m.6 views

Important: Red Hat Security Advisory: postgresql security update

An update for postgresql is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS5.8AI score0.00668EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/06/23 6:0 p.m.6 views

postgresql:13 security update

An update is available for postgres-decoderbufs, module.postgres-decoderbufs, postgresql, module.pgaudit, module.pgrepack, pgaudit, pgrepack, module.postgresql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.2CVSS5.9AI score0.00558EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/06/23 6:3 a.m.7 views

postgresql:15 security update

An update is available for postgres-decoderbufs, module.postgres-decoderbufs, postgresql, module.pgaudit, module.pgrepack, pgaudit, pgrepack, module.postgresql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS5.9AI score0.00668EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2026/06/23 12:0 a.m.4 views

Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 For more details about the security issues, including the impact, a CVSS score,...

8.2CVSS5.9AI score0.00558EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.10 views

RHEL 8 : postgresql:13 (RHSA-2026:28208)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28208 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery via covert...

8.2CVSS6.7AI score0.00558EPSS
Exploits0References4
Rows per page
Query Builder