Lucene search
K

115 matches found

EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42857

R-SOFT DMS stores superadmin credentials using a non-salted nested MD5 hash. This allows an attacker who obtain password hash to decode superadmin credentials. Critically, this password cannot be changed except by modifying the configuration file. This issue was fixed in version v3.17-2000...

8.2CVSS6.1AI score0.00269EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-41879

R-SOFT DMS stores superadmin credentials using a non-salted nested MD5 hash. This allows an attacker who obtain password hash to decode superadmin credentials. Critically, this password cannot be changed except by modifying the configuration file. This issue was fixed in version v3.17-2000...

8.7CVSS6.1AI score0.01228EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/20 12:51 a.m.8 views

[SECURITY] Fedora 44 Update: ongres-scram-3.3-1.fc44

This is a Java implementation of SCRAM Salted Challenge Response Authentication Mechanism which is part of the family of Simple Authentication and Security Layer SASL, RFC 4422 authentication mechanisms. It is described as part of RFC 5802 and RFC7677...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/06/19 1:10 a.m.13 views

[SECURITY] Fedora 43 Update: ongres-scram-3.3-1.fc43

This is a Java implementation of SCRAM Salted Challenge Response Authentication Mechanism which is part of the family of Simple Authentication and Security Layer SASL, RFC 4422 authentication mechanisms. It is described as part of RFC 5802 and RFC7677...

5.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-47372

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

9.1CVSS5.4AI score0.00397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.9 views

CVE-2026-47373

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash...

7.5CVSS5.4AI score0.00393EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/01 10:21 a.m.18 views

jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication

A flaw was found in pgjdbc, an open-source PostgreSQL JDBC Driver. A malicious server can exploit this vulnerability by instructing the driver to perform SCRAM-SHA-256 Salted Challenge Response Authentication Mechanism Secure Hash Algorithm 256 authentication with an excessively large iteration...

7.5CVSS5.7AI score0.0077EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

WeGIA 安全漏洞

WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.7.3 contained security vulnerabilities. These vulnerabilities stemmed from the use of a salted SHA-256 hash algorithm in login and password change processes, which could lead to rainbow...

5.9CVSS5.8AI score0.00136EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/21 1:11 p.m.14 views

SUSE CVE-2026-47372

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:11 p.m.9 views

SUSE CVE-2026-47373

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 12:30 a.m.14 views

EUVD-2026-31198

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

5.8AI score0.00397EPSS
Exploits0References3
NVD
NVD
added 2026/05/20 10:16 p.m.14 views

CVE-2026-47372

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

9.1CVSS0.00397EPSS
Exploits0References3
OSV
OSV
added 2026/05/20 10:16 p.m.8 views

DEBIAN-CVE-2026-47372

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 10:8 p.m.35 views

CVE-2026-47372 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

0.00397EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/20 10:8 p.m.8 views

CVE-2026-47372 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

5.8AI score0.00397EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/20 10:8 p.m.9 views

CVE-2026-47372

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

5.8AI score0.00397EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/20 10:8 p.m.30 views

CVE-2026-47372

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

9.1CVSS5.8AI score0.00397EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/20 9:16 p.m.13 views

CVE-2026-47373

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References5
OSV
OSV
added 2026/05/20 9:16 p.m.7 views

UBUNTU-CVE-2026-47373

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/20 8:25 p.m.10 views

CVE-2026-47373

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash...

5.8AI score0.00393EPSS
Exploits0References3
Rows per page
Query Builder