CVE-2026-6478

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

CVE-2026-8803

A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the function Login of the file app/Models/Employee.php of the component Employee Login. This manipulation causes use of weak hash. Remote exploitation of the attack is possible. The attack is considered to...

PT-2026-28533

Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description The get api video password is correct API endpoint allows any unauthenticated user to verify whether a given password is correct for any password-protected video. The endpoint returns a...

MiracleLinux 7 : grub2-2.02-0.33.0.1.el7.AXS7 (AXSA:2015-955:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-955:03 advisory. The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It support rich varietyof kernel formats, fi...

SUSE CVE-2017-1000113

The Deploy to container Plugin stored passwords unencrypted as part of its configuration. This allowed users with Jenkins master local file system access, or users with Extended Read access to the jobs it is used in, to retrieve those passwords. The Deploy to container Plugin now integrates with...

Mozilla: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords

If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is...

SUSE-SU-2016:3056-1 Security update for crowbar-barclamp-trove

This update for crowbar-barclamp-trove fixes the following issues: - Fix initial migration and schema revision. - Set the trove service password to random. bsc991729, CVE-2016-6829...

openSUSE Security Update : yast2-core (openSUSE-SU-2011:0921-2)

This update contains yast2 core changes to change the hash generation of new passwords to the new secure style. Please read the general notes below : The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected...

openSUSE Security Update : glibc (openSUSE-SU-2011:0921-1)

The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected passwords are potentially faster to crack via brute-force methods CVE-2011-2483. SUSE's crypt implementation supports the blowfish password hashing...

openSUSE Security Update : glibc (openSUSE-SU-2011:0921-1)

The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected passwords are potentially faster to crack via brute-force methods CVE-2011-2483. SUSE's crypt implementation supports the blowfish password hashing...

openSUSE Security Update : yast2-core (openSUSE-SU-2011:0921-2)

This update contains yast2 core changes to change the hash generation of new passwords to the new secure style. Please read the general notes below : The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected...

SuSE 11.1 Security Update : glibc (SAT Patch Number 4944)

The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected passwords are potentially faster to crack via brute-force methods. CVE-2011-2483 SUSE's crypt implementation supports the blowfish password hashing...

SuSE 11.1 Security Update : glibc (SAT Patch Number 4944) (deprecated)

The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected passwords are potentially faster to crack via brute-force methods. CVE-2011-2483 SUSE's crypt implementation supports the blowfish password hashing...

SuSE 10 Security Update : glibc (ZYPP Patch Number 7659)

The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected passwords are potentially faster to crack via brute-force methods. CVE-2011-2483 SUSE's crypt implementation supports the blowfish password hashing...

SuSE9 Security Update : glibc suite (YOU Patch Number 12813)

The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected passwords are potentially faster to crack via brute-force methods. CVE-2011-2483 SUSE's crypt implementation supports the blowfish password hashing...