1911 matches found
CVE-2025-48348
Incorrect Privilege Assignment vulnerability in chandrashekharsahu Site Offline site-offline allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Offline: from n/a through = 1.5.7...
Linux Distros Unpatched Vulnerability : CVE-2020-8793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSMTPD before 6.6.4 allows local users to read arbitrary files e.g., on some Linux distributions because of a combination of an untrusted search path in...
Use of Password Hash With Insufficient Computational Effort
Overview Affected versions of this package are vulnerable to Use of Password Hash With Insufficient Computational Effort due to the use of a simple, unsalted hash for storing user passwords and API keys. An attacker can obtain sensitive information by performing offline rainbow table attacks...
Use of Password Hash With Insufficient Computational Effort
Overview Affected versions of this package are vulnerable to Use of Password Hash With Insufficient Computational Effort due to the use of a simple, unsalted hash for storing user passwords and API keys. An attacker can obtain sensitive information by performing offline rainbow table attacks...
Use of Password Hash With Insufficient Computational Effort
Overview Affected versions of this package are vulnerable to Use of Password Hash With Insufficient Computational Effort due to the use of a simple, unsalted hash for storing user passwords and API keys. An attacker can obtain sensitive information by performing offline rainbow table attacks...
Use of Password Hash With Insufficient Computational Effort
Overview Affected versions of this package are vulnerable to Use of Password Hash With Insufficient Computational Effort due to the use of a simple, unsalted hash for storing user passwords and API keys. An attacker can obtain sensitive information by performing offline rainbow table attacks...
Use of Password Hash With Insufficient Computational Effort
Overview Affected versions of this package are vulnerable to Use of Password Hash With Insufficient Computational Effort due to the use of a simple, unsalted hash for storing user passwords and API keys. An attacker can obtain sensitive information by performing offline rainbow table attacks...
CVE-2025-48348
Incorrect Privilege Assignment vulnerability in chandrashekharsahu Site Offline site-offline allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Offline: from n/a through = 1.5.7...
CVE-2025-48348 WordPress Site Offline plugin <= 1.5.7 - Broken Access Control vulnerability
Incorrect Privilege Assignment vulnerability in chandrashekharsahu Site Offline site-offline allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Offline: from n/a through = 1.5.7...
CVE-2025-48348
CVE-2025-48348 affects WordPress Site Offline plugin (versions up to 1.5.7). The issue is an Incorrect Privilege/ Broken Access Control assignment due to misconfigured access control levels, enabling exploitation of privilege checks as described in multiple sources. CVSS v3.1: Network attack vect...
WordPress plugin Site Offline 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2025-35017
Name of the Vulnerable Software and Affected Versions: chandrashekharsahu Site Offline versions n/a through 1.5.7 Description: An incorrect privilege assignment exists in Site Offline, allowing exploitation of incorrectly configured access control security levels. Recommendations: Update Site...
SUSE CVE-2025-53884
NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack offline attack where hashes of known passwords are precomputed...
CVE-2025-35114
Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30...
CVE-2025-35114
Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30...
CVE-2025-35114 Agiloft local privilege escalation via default credentials
Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30...
CVE-2025-35114
CVE-2025-35114 affects Agiloft Release 28, where several accounts use default credentials enabling local privilege escalation. The vulnerability arises from accounts with known password hashes that could be cracked offline. Mitigation suggested in multiple sources is upgrading to Agiloft Release ...
PT-2025-34815 · Agiloft · Agiloft
Name of the Vulnerable Software and Affected Versions: Agiloft versions prior to 30 Description: Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could...
WordPress Site Offline plugin <= 1.5.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin Site Offline versions = 1.5.7...
CVE-2025-51540
EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5md5password. This hashing method is cryptographically weak and allows attackers to perform efficient offline brute-force attacks if password hashes are disclosed. The lack of salting and use of a fast, outdated algorithm make...