Lucene search

48 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 5 views

Astra Linux - vulnerability in krb5

The RADIUS protocol, as described in RFC 2865, is vulnerable to forgery attacks by local attackers who can modify any valid response—whether an Access-Accept, Access-Reject, or Access-Challenge response—into any other response, using a chosen-prefix collision attack against the MD5 Response...

CVSS 9 · AI score 7.3 · EPSS 0.22162
Exploits: 2 · References: 2

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2019-17181

Malware in sbrugna...

CVSS 7.5 · AI score 7.6 · EPSS 0.00124
Exploits: 1 · References: 2

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2011-0036

Malware in sbrugna...

CVSS 4.3 · AI score 6 · EPSS 0.00834
Exploits: 0 · References: 14

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2009-4268

Malware in sbrugna...

CVSS 5 · AI score 6.1 · EPSS 0.0059
Exploits: 0 · References: 11

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2021-0070

Malware in sbrugna...

CVSS 7.5 · AI score 7.4 · EPSS 0.00079
Exploits: 1 · References: 5

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2010-2931

Malware in sbrugna...

CVSS 5 · AI score 6.4 · EPSS 0.01237
Exploits: 0 · References: 7

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-3454

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.4 · EPSS 0.00235
Exploits: 0 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2021-30850

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.6 · EPSS 0.00096
Exploits: 0 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-53177

Malicious code in bioql PyPI...

CVSS 6.9 · AI score 6.6 · EPSS 0.00081
Exploits: 0 · References: 2

OSV
added 2025/09/18 11:18 a.m. · 1 view

SUSE-SU-2025:03270-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5, as a very old protocol, supported quite a number of ciphers that are no longer up to current...

CVSS 5.9 · AI score 6.8 · EPSS 0.00252
Exploits: 0 · References: 3

IBM Security Bulletins
added 2025/09/17 1:40 p.m. · 23 views

Security Bulletin: IBM Observability with Instana (OnPrem) has addressed multiple vulnerabilities

Summary: Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.303. Vulnerability Details: CVEID: CVE-2025-0395. DESCRIPTION: When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure...

CVSS 9.1 · AI score 7.9 · EPSS 0.07539
Exploits: 4 · Affected Software: 1

OSV
added 2025/07/29 1:38 p.m. · 3 views

RLSA-2025:8411 Moderate: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

CVSS 5.9 · AI score 7 · EPSS 0.00252
Exploits: 0 · References: 2

NVD
added 2025/05/28 5:15 p.m. · 10 views

CVE-2025-48931

The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities including rainbow tables with low computational effort...

CVSS 5.5 · EPSS 0.00032
Exploits: 0 · References: 1

Positive Technologies
added 2025/05/28 12:0 a.m. · 2 views

PT-2025-23114 · Unknown · Telemessage

Name of the Vulnerable Software and Affected Versions: TeleMessage service through 2025-05-05 Description: The issue concerns the use of MD5 for password hashing, which allows for various attack possibilities, including the use of rainbow tables, with low computational effort. Recommendations: Fo...

CVSS 3.2 · AI score 6.4 · EPSS 0.00032
Exploits: 0 · References: 4

RedhatCVE
added 2025/05/23 9:30 a.m. · 3 views

CVE-2024-36496

The configuration file is encrypted with a static key derived from a static five-character password, which allows an attacker to decrypt this file. The application hashes this five-character password with the outdated and broken MD5 algorithm (no salt) and uses the first five bytes as the key for RC...

CVSS 7.5 · AI score 7 · EPSS 0.00271
Exploits: 1

RedhatCVE
added 2025/05/23 7:41 a.m. · 5 views

CVE-2024-55885

beego is an open-source web framework for the Go programming language. Versions of beego prior to 2.3.4 use MD5 as a hashing algorithm. MD5 is no longer considered secure against well-funded opponents due to its vulnerability to collision attacks. Version 2.3.4 replaces MD5 with SHA256...

CVSS 7.5 · AI score 6.8 · EPSS 0.00235
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 5:24 a.m. · 4 views

CVE-2019-15653

Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. The HTML source code of the login page contains values that allow obtaining the username and password. The username and password values are a double md5 of the plaintext real...

CVSS 7.5 · AI score 7.4 · EPSS 0.00805
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 4:33 a.m. · 5 views

CVE-2012-6707

WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a...

CVSS 7.5 · AI score 6.9 · EPSS 0.00182
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 2:49 a.m. · 5 views

CVE-2013-5181

The auto-configuration feature in Mail in Apple Mac OS X before 10.9 selects plaintext authentication for unspecified servers that support CRAM-MD5 authentication, which allows remote attackers to obtain sensitive information by sniffing the network...

CVSS 4.3 · AI score 6.2 · EPSS 0.00265
Exploits: 1 · References: 1

Zero Science Lab
added 2025/05/19 12:0 a.m. · 233 views

ABB Cylon FLXeon 9.3.5 (uukl.js) Predictable Salt and Weak Hashing Algorithm

Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

AI score 5.8
Exploits: 0