Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/04/13 7:23 p.m.2 views

CVE-2026-33710

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, REST API keys are generated using md5time + userid 5 - rand10000, 10000. The rand10000, 10000 call always returns exactly 10000 min == max, making the formula effectively md5timestamp + userid5 - 10000. An attacker who...

7.5CVSS5.8AI score0.00044EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/04/10 12:0 a.m.2 views

PT-2026-32024

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, REST API keys are generated using md5time + user id 5 - rand10000, 10000. The rand10000, 10000 call always returns exactly 10000 min == max, making the formula effectively md5timestamp + user id5 - 10000. An attacker wh...

7.5CVSS5.8AI score0.00044EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/01/31 12:0 a.m.4 views

EulerOS Virtualization 2.10.0 : krb5 (EulerOS-SA-2026-1175)

According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesse...

7.1CVSS5.9AI score0.00252EPSS
Exploits0References3
SUSE Linux
SUSE Linuxadded 2025/10/21 10:8 a.m.3 views

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5 as very old protocol supported quite a number of ciphers that are not longer up to current cryptographi...

8.2CVSS6.9AI score0.00252EPSS
Exploits0References4
SUSE Linux
SUSE Linuxadded 2025/09/15 12:33 p.m.2 views

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5, as a very old protocol, supported quite a number of ciphers that are not longer up to current...

8.2CVSS7AI score0.00252EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2024/11/04 1:11 a.m.2 views

freeradius: forgery attack

A vulnerability in the RADIUS Remote Authentication Dial-In User Service protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...

9CVSS7.2AI score0.22162EPSS
Exploits2References10
Cvelist
Cvelistadded 2017/10/19 7:0 p.m.17 views

CVE-2012-6707

WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a...

7.8AI score0.00182EPSS
Exploits0References1
ThreatPost
ThreatPostadded 2015/09/10 2:14 p.m.33 views

Password Cracking Group Decodes 11 Million Ashley Madison Passwords

A San Diego-based password cracking group has taken a big step towards deciphering some of the 36 million odd passwords leaked in last month’s Ashley Madison breach, a move that could quickly lead to the widespread hacking of any users who used the same password on other services. Hackers had...

0.7AI score
Exploits0References3
Rows per page
Query Builder