pearweb 安全漏洞

PearWeb is a PHP extension and application repository developed by PEAR. Versions prior to pearweb1.33.0 contained security vulnerabilities. These vulnerabilities stemmed from predictable verification hashing, which could allow attackers to guess verification tokens and potentially unauthorized...

PYSEC-2025-62

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Maliciously constructed statements can lead to hash collisions, resulting in cache reuse, which can interfere with subsequent responses and cause unintended behavior. Prefix caching makes use of Python's built-i...

UBUNTU-CVE-2024-47188

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to byte-range tracking having predictable hash table behavior. This can lead to an attacker...

CVE-2021-33582

A flaw was found in cyrus-imapd. A bad string hashing algorithm used in internal hash tables allows user inputs to be stored in predictable buckets. A user may cause a CPU denial of service by maliciously directing many inputs to a single bucket. The highest threat from this vulnerability is to...

Denial Of Service (DoS) CPU Consumption

mingw32-libxml2 is vulnerable to denial of service. The attack exists because it uses predictable hashing function causing intentional collisions and does not prevent the attacker inputing a malicious message to an XML service, resulting in longer processing time, which could lead to a denial of...

Hash Collision Attack

Apache James Project is vulnerable to collision attack. The application generates a unique index key for every email body using the predictable hashing algorithm MD5, allowing attackers to guess the indexed email's contents and perform an unauthorized access/replacement to the email body...