Lucene search
K

12 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/26 12:0 a.m.4 views

CVE-2026-39031

Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a...

5.5CVSS5.8AI score0.00089EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.19 views

PT-2026-50778

Name of the Vulnerable Software and Affected Versions Mojolicious::Sessions::Storable versions prior to 0.06 Description The software generates session IDs insecurely. The default session ID generator utilizes a SHA-1 hash seeded with the built-in rand function, the epoch time, the heap address o...

5.3CVSS5.9AI score0.00274EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/27 4:13 a.m.9 views

SUSE CVE-2023-43635

Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...

8.8CVSS5.8AI score0.0011EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/08 5:53 a.m.5 views

EUVD-2026-20063

Ado::Sessions versions through 0.935 for Perl generates insecure session ids. The session id is generated from a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked fr...

5.3CVSS5.8AI score0.00428EPSS
Exploits0References3
NVD
NVD
added 2026/03/28 7:16 p.m.7 views

CVE-2026-3256

HTTP::Session versions before 0.54 for Perl defaults to using insecurely generated session ids. HTTP::Session defaults to using HTTP::Session::ID::SHA1 to generate session ids using a SHA-1 hash seeded with the built-in rand function, the high resolution epoch time, and the PID. The PID will come...

9.8CVSS0.0053EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.6 views

PT-2026-23117

Name of the Vulnerable Software and Affected Versions Plack::Middleware::Session::Simple versions through 0.04 Description The software generates session IDs insecurely. The default session ID generator uses a SHA-1 hash seeded with the built-in rand function, the epoch time, and the process ID...

9.8CVSS5.8AI score0.00433EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.8 views

OpenClaw 加密问题漏洞

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a cryptographic issue vulnerability that stems from the use of SHA-1 hashed Docker and browser sandbox configurations of the sandbox identifier cache key, which can be exploited by an attacker to enable...

9.1CVSS5.8AI score0.00179EPSS
Exploits0References3
NVD
NVD
added 2025/09/20 1:15 p.m.8 views

CVE-2025-40925

Starch versions 0.14 and earlier generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference addresses. The PID will come from a small set of numbers, and the epoch...

9.1CVSS0.00336EPSS
Exploits0References3
CVE
CVE
added 2025/09/20 12:31 p.m.18 views

CVE-2025-40925

Starch versions 0.14 and earlier are affected. The insecure session-id generator uses a SHA-1 hash seeded with a counter, epoch time, the built‑in rand, the PID, and Perl reference addresses, making session IDs predictable and potentially enabling unauthorized access. The issue is confirmed acros...

9.1CVSS6.5AI score0.00336EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.8 views

PT-2024-23165 · Brocade · Brocade Sannav

Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a Description: The issue concerns the use of the SHA-1 hash in internal SSH ports. These ports are not open to remote connection. Recommendations: For Brocade SANnav versions...

5.7CVSS7.2AI score0.00163EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.4 views

PT-2024-3222 · Brocade · Brocade Sannav

Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a Description: The issue is related to the class FileTransfer in Brocade SANnav, which uses the ssh-rsa signature scheme with a SHA-1 hash. This could allow a remote,...

7.5CVSS7.2AI score0.00306EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2016/10/14 4:0 p.m.4 views

CVE-2005-4900

SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists to provide a common identifier for referencing this SHA-1 issue; the existence of an identifier is...

6.5AI score0.00938EPSS
Exploits0References11
Rows per page
Query Builder