WordPress Site Offline plugin <= 1.5.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin Site Offline versions = 1.5.7...

CVE-2025-51540

EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5md5password. This hashing method is cryptographically weak and allows attackers to perform efficient offline brute-force attacks if password hashes are disclosed. The lack of salting and use of a fast, outdated algorithm make...

docs

It is an of...

CVE-2025-51540

EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5md5password. This hashing method is cryptographically weak and allows attackers to perform efficient offline brute-force attacks if password hashes are disclosed. The lack of salting and use of a fast, outdated algorithm make...

CVE-2025-51540

EzGED3 3.5.0 stores passwords using an insecure hashing chain md5(md5(password)) with no salt, enabling offline brute-force attacks if hashes are exposed. Affected versions include 3.5.0 through 3.5.72.27183. Vendor states fix in 3.5.72.27183. Remediation: upgrade to 3.5.72.27183 or later.

CVE-2025-51540

EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5md5password. This hashing method is cryptographically weak and allows attackers to perform efficient offline brute-force attacks if password hashes are disclosed. The lack of salting and use of a fast, outdated algorithm make...

CVE-2025-51540

EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5md5password. This hashing method is cryptographically weak and allows attackers to perform efficient offline brute-force attacks if password hashes are disclosed. The lack of salting and use of a fast, outdated algorithm make...

PT-2025-33748 · Ezged3 · Ezged3

Name of the Vulnerable Software and Affected Versions: EzGED3 versions 3.5.0 through 3.5.72.27183 Description: EzGED3 stores user passwords using an insecure hashing scheme: md5md5password. This hashing method is cryptographically weak, allowing attackers to perform efficient offline brute-force...

SUSE-SU-2025:20597-1 Security update for systemd

This update for systemd fixes the following issues: - Remove the script used to help migrating the language and locale settings located in /etc/sysconfig/language on old systems to the systemd default locations bsc1247074 The script was introduced more than 7 years ago and all systems running TW...

Security update for systemd

This update for systemd fixes the following issues: Remove the script used to help migrating the language and locale settings located in /etc/sysconfig/language on old systems to the systemd default locations bsc1247074 The script was introduced more than 7 years ago and all systems running TW...

SUSE-SU-2025:20554-1 Security update for systemd

This update for systemd fixes the following issues: - Remove the script used to help migrating the language and locale settings located in /etc/sysconfig/language on old systems to the systemd default locations bsc1247074 The script was introduced more than 7 years ago and all systems running TW...

Linux Distros Unpatched Vulnerability : CVE-2024-36888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix selection of wakecpu in kickpool With cpupossiblemask=0-63 and...

CVE-2025-44647

In TRENDnet TEW-WLC100P 2.03b03, the idontcareaboutsecurityanduseaggressivemodepsk option is enabled in the strongSwan configuration file, so that IKE Responders are allowed to use IKEv1 Aggressive Mode with Pre-Shared Keys to conduct offline attacks on the openly transmitted hash of the PSK...

CVE-2025-44649

In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchagemode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security...

CVE-2025-44647

In TRENDnet TEW-WLC100P 2.03b03, the idontcareaboutsecurityanduseaggressivemodepsk option is enabled in the strongSwan configuration file, so that IKE Responders are allowed to use IKEv1 Aggressive Mode with Pre-Shared Keys to conduct offline attacks on the openly transmitted hash of the PSK...

TRENDnet TEW-WLC100P 安全漏洞

The TRENDnet TEW-WLC100P is a wireless LAN controller from Trendnet, Inc. A security vulnerability exists in the TRENDnet TEW-WLC100P version 2.03b03 that stems from enabling IKEv1 aggressive mode, which could lead to an offline attack...

CVE-2025-44647

In TRENDnet TEW-WLC100P 2.03b03, the idontcareaboutsecurityanduseaggressivemodepsk option is enabled in the strongSwan configuration file, so that IKE Responders are allowed to use IKEv1 Aggressive Mode with Pre-Shared Keys to conduct offline attacks on the openly transmitted hash of the PSK...

PT-2025-30306 · Trendnet · Trendnet Tew-Wlc100P

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-WLC100P version 2.03b03 Description: The configuration of racoon within the device sets the exchage mode to aggressive. Utilizing aggressive mode in IKE Phase 1 results in the exposure of identity information in plaintext, making...

PT-2025-30291 · Unknown +1 · Strongswan +1

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-WLC100P version 2.03b03 Description: The i dont care about security and use aggressive mode psk option is enabled in the strongSwan configuration file, allowing IKE Responders to use IKEv1 Aggressive Mode with Pre-Shared Keys. Th...

TRENDnet TEW-WLC100P 安全漏洞

The TRENDnet TEW-WLC100P is a wireless LAN controller from Trendnet, Inc. A security vulnerability exists in the TRENDnet TEW-WLC100P version 2.03b03, which stems from enabling aggressive mode in the racoon configuration file, which could lead to an offline dictionary attack...