72 matches found

Tenable Nessus
added 2025/12/15 12:0 a.m. · 1 view

RHEL 8 : krb5 (RHSA-2025:15002)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15002 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending password...

CVSS 5.9 · AI score 6.9 · EPSS 0.00252
Exploits 0 · References 5
Tenable Nessus
added 2025/10/24 12:0 a.m. · 1 view

EulerOS 2.0 SP13 : krb5 (EulerOS-SA-2025-2265)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5...

CVSS 5.9 · AI score 6.9 · EPSS 0.00252
Exploits 0 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2017-0145

Malware in sbrugna...

CVSS 5.5 · AI score 5.3 · EPSS 0.00322
Exploits 0 · References 11
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2016-0236

Malware in sbrugna...

CVSS 5.9 · AI score 6 · EPSS 0.00302
Exploits 0 · References 4
Tenable Nessus
added 2025/10/04 12:0 a.m. · 2 views

RockyLinux 9 : krb5 (RLSA-2025:9430)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9430 advisory. krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions CVE-2025-3576 Tenable has extracted the preceding description bloc...

CVSS 5.9 · AI score 6.8 · EPSS 0.00252
Exploits 0 · References 3
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2024-50752

Malicious code in bioql PyPI...

CVSS 9.2 · AI score 9.6 · EPSS 0.00307
Exploits 0 · References 3
Rockylinux
added 2025/10/03 7:56 p.m. · 2 views

krb5 security update

An update is available for krb5. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of...

CVSS 5.9 · AI score 7.1 · EPSS 0.00252
Exploits 0
Tenable Nessus
added 2025/09/02 12:0 a.m. · 2 views

RHEL 8 : krb5 (RHSA-2025:15003)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15003 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending password...

CVSS 5.9 · AI score 6.9 · EPSS 0.00252
Exploits 0 · References 5
OSV
added 2025/07/07 10:15 a.m. · 2 views

CVE-2025-3044

A vulnerability in the ArxivReader class of the run-llama/llamaindex repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each othe...

CVSS 5.3 · AI score 5
Exploits 0 · References 2
NVD
added 2025/05/27 9:15 a.m. · 10 views

CVE-2025-41652

The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes,...

CVSS 9.8 · EPSS 0.00263
Exploits 0 · References 1
Cvelist
added 2025/05/27 8:38 a.m. · 13 views

CVE-2025-41652 Weidmueller: Authentication Bypass Vulnerability in Industrial Ethernet Switches

The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes,...

CVSS 9.8 · EPSS 0.00263
Exploits 0 · References 1
Vulnrichment
added 2025/05/27 8:38 a.m. · 4 views

CVE-2025-41652 Weidmueller: Authentication Bypass Vulnerability in Industrial Ethernet Switches

The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to guess valid credentials or by using MD5 collision techniques to forge authentication hashes,...

CVSS 9.8 · AI score 7.5 · EPSS 0.00263
Exploits 0 · References 1
CVE
added 2025/05/27 8:38 a.m. · 54 views

CVE-2025-41652

CVE-2025-41652 affects Weidmueller Interface network switches (e.g., E-SW-VL08MT-8TX, IE‑SW‑PL10M‑3GT‑7TX, IE‑SW‑PL16M‑16TX, IE‑SW‑PL18M‑2GC‑16TX). Root cause: flaw in the authorization mechanism enabling an authentication bypass. An unauthenticated attacker could bypass login by brute-forcing cr...

CVSS 9.8 · AI score 9.8 · EPSS 0.00263
Exploits 0 · References 1
Positive Technologies
added 2025/05/27 12:0 a.m. · 2 views

PT-2025-22982 · Weidmueller · Ie-Sw-Pl10M-3Gt-7Tx +12

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force...

CVSS 9.8 · AI score 6.9 · EPSS 0.00263
Exploits 0 · References 11
CNNVD
added 2025/03/20 12:0 a.m. · 5 views

sagemaker-python-sdk security vulnerability

sagemaker-python-sdk is an Amazon Web Services open source library for training and deploying machine learning models on Amazon SageMaker. A security vulnerability exists in sagemaker-python-sdk that stems from an MD5 hash collision in the SageMaker Workflow component that could result in workflo...

CVSS 5.9 · AI score 5.7 · EPSS 0.00138
Exploits 0 · References 2
RedhatCVE
added 2025/03/06 9:42 a.m. · 6 views

CVE-2024-12297

Moxa’s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. These vulnerabilities may enable...

CVSS 9.2 · AI score 7.7 · EPSS 0.00307
Exploits 0 · References 1
NVD
added 2025/01/15 10:15 a.m. · 7 views

CVE-2024-12297

Moxa’s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. These vulnerabilities may enable...

CVSS 9.2 · EPSS 0.00307
Exploits 0 · References 2
Cvelist
added 2025/01/15 10:0 a.m. · 15 views

CVE-2024-12297 Frontend Authorization Logic Disclosure Vulnerability

Moxa’s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. These vulnerabilities may enable...

CVSS 9.2 · EPSS 0.00307
Exploits 0 · References 2
GitHub Security Blog
added 2024/12/12 7:22 p.m. · 11 views

Beego has Collision Hazards of MD5 in Cache Key Filenames

In the context of using MD5 to generate filenames for cache keys, there are significant collision hazards that need to be considered. MD5, or Message Digest Algorithm 5, is a widely known cryptographic hash function that produces a 128-bit hash value. However, MD5 is no longer considered secure...

CVSS 7.5 · AI score 6.7 · EPSS 0.00235
Exploits 0 · References 4 · Affected Software 2
OSV
added 2024/12/12 7:22 p.m. · 9 views

GHSA-9J3M-FR7Q-JXFW Beego has Collision Hazards of MD5 in Cache Key Filenames

In the context of using MD5 to generate filenames for cache keys, there are significant collision hazards that need to be considered. MD5, or Message Digest Algorithm 5, is a widely known cryptographic hash function that produces a 128-bit hash value. However, MD5 is no longer considered secure...

CVSS 6.9 · AI score 6.1 · EPSS 0.00235
Exploits 0 · References 4