Lucene search
K

262 matches found

Packet Storm News
Packet Storm News
added 2026/01/29 12:0 a.m.7 views

Libgcrypt 1.12.0

Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers AES, DES, Blowfish, CAST5, Twofish, and Arcfour, hash algorithms MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192, MACs HMAC for all hash...

6AI score
Exploits0
OSV
OSV
added 2026/01/27 12:0 a.m.5 views

UBUNTU-CVE-2026-22796

Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS7 data where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS7 data. Impact summary: An application...

5.3CVSS7.1AI score0.00502EPSS
Exploits1References4
NVD
NVD
added 2026/01/23 9:15 p.m.8 views

CVE-2025-52026

An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 ...

7.5CVSS0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.14 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

5.3CVSS7.5AI score0.00311EPSS
Exploits0References1
NVD
NVD
added 2026/01/09 4:16 p.m.11 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

5.3CVSS0.00311EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/09 12:0 a.m.26 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

0.00311EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.5 views

TIM BPM Suite和TIM FLOW 安全漏洞

TIM BPM Suite and TIM FLOW are both business process management software from TIM Germany. A security vulnerability exists in TIM BPM Suite and TIM FLOW versions prior to 9.1.2 that stems from password hashes being stored in MD5 format, which could lead to elevated privileges...

5.3CVSS6.7AI score0.00311EPSS
Exploits0References3
CVE
CVE
added 2026/01/09 12:0 a.m.12 views

CVE-2025-67279

TIM BPM Suite & TIM FLOW (TIM Solution GmbH) before v9.1.2 are affected by CVE-2025-67279. The issue: password hashes stored with MD5, enabling a remote attacker to escalate privileges. Affected versions are prior to 9.1.2; exploitation details are not provided beyond the vulnerability descriptio...

5.3CVSS7.1AI score0.00311EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.8 views

PT-2026-1875

Name of the Vulnerable Software and Affected Versions TIM BPM Suite & TIM FLOW versions prior to 9.1.2 Description The application stores password hashes in MD5 format, which allows a remote attacker to escalate privileges. Recommendations Update to version 9.1.2 or later...

5.3CVSS7AI score0.00311EPSS
Exploits0References6
NVD
NVD
added 2026/01/08 1:15 p.m.4 views

CVE-2026-0719

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in...

8.6CVSS0.00557EPSS
Exploits0References23
EUVD
EUVD
added 2025/12/10 9:31 p.m.6 views

EUVD-2025-202613

The application uses an insecure hashing algorithm MD5 to hash passwords. If an attacker obtained a copy of these hashes, either through exploiting cloud services, performing TLS downgrade attacks on the traffic from a mobile device, or through another means, they may be able to crack the hash in...

6.4AI score0.00186EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.6 views

Meatmeet Pro App 安全漏洞

Meatmeet Pro App is a meat product purchasing application from Meatmeet. A security vulnerability exists in Meatmeet Pro App version v1.1.2.0 that stems from the use of an insecure MD5 hash algorithm that could lead to credential cracking...

7.5CVSS6.7AI score0.00186EPSS
Exploits0References3
CVE
CVE
added 2025/12/10 12:0 a.m.23 views

CVE-2025-65831

CVE-2025-65831 is documented across multiple sources as involving insecure MD5-based password hashing that could enable credential cracking and unauthorized account access if hashes are obtained. A concrete product reference appears in CNNVD: Meatmeet Pro App v1.1.2.0 uses MD5 for password hashin...

7.5CVSS6.5AI score0.00186EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/21 6:39 p.m.3 views

CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

5.1CVSS6.5AI score0.00321EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.7 views

OpenML Frontend 安全漏洞

OpenML Frontend is an OpenML Frontend page from OpenML Open Source. A security vulnerability exists in OpenML Frontend version v2.0.20241110, which stems from the use of predictable MD5-based tokens that could lead to account takeover...

7.5CVSS6.7AI score0.00529EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2025/11/10 12:0 a.m.158 views

📄 Ilevia EVE X1/X5 Server 4.7.18.0.eden Insecure Hashing Algorithm

Ilevia EVE X1/X5 Server version 4.7.18.0.eden stores user passwords in the database using the MD5 hashing algorithm, which is considered cryptographically insecure due to its vulnerability to collision and brute-force attacks. MD5 lacks modern protections such as salting and computational hardnes...

8.2CVSS7.1AI score0.0028EPSS
Exploits2
CNVD
CNVD
added 2025/10/13 12:0 a.m.6 views

AndSoft e-TMS Encryption Issue Vulnerability

AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an encryption issue vulnerability that stems from the use of MD5 encrypted passwords, which can be exploited by an attacker to cause the disclosure of user credentials...

7.5CVSS6.8AI score0.00233EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/10/11 12:0 a.m.5 views

System Password Security: Attack and Defense Mechanisms

System passwords serve as critical credentials for user authentication and access control when logging into operating systems or applications. Upon entering a valid password, users pass verification to access system resources and execute corresponding operations. In recent years, frequent passwor...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-2980

Malware in sbrugna...

10CVSS6.4AI score0.01795EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-2711

Malware in sbrugna...

5CVSS6.4AI score0.02628EPSS
Exploits0References10
Rows per page
Query Builder