PT-2026-22392

Name of the Vulnerable Software and Affected Versions HTTP::Session2 versions prior to 1.12 Description The software may generate weak session IDs using the rand function. The session ID generator returns a SHA-1 hash seeded with the rand function, epoch time, and the process ID PID. The rand...

EUVD-2006-1545

Malware in sbrugna...

EUVD-2008-0590

Malware in sbrugna...

EUVD-2024-22464

Malicious code in bioql PyPI...

PYSEC-2025-98

A Server-Side Request Forgery SSRF vulnerability was discovered in gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability allows an attacker to construct a response link by saving the response in a folder named after the SHA-1 hash of the target URL. This enables the attacker to access th...

CVE-2025-2265

The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte...

CVE-2025-2265

The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte...

CVE-2025-2265 Santesoft Sante PACS Server HTTP.db SHA1 Hash Truncation

The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte...

CVE-2025-2265

The CVE-2025-2265 entry concerns Santesoft Sante PACS Server (Sante PACS Server.exe) where a web user’s password is processed as a 0x2000-byte zero-padded value that is SHA-1 hashed, base64-encoded, and stored in the HTTP.db’s USER table. The reported issue is that the number of hash bytes encode...

CVE-2025-2265 Santesoft Sante PACS Server HTTP.db SHA1 Hash Truncation

The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte...

Linux Distros Unpatched Vulnerability : CVE-2023-46233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto-js is a JavaScript library of crypto standards. Prior to version 4.2.0, crypto-js PBKDF2 is 1,000 times weaker than originally specified in 1993, and at...

CVE-2024-1224

This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm hash SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system. Successful exploitati...

CVE-2024-1224

The CVE-2024-1224 issue affects USB Pratirodh, specifically in the user login component where SHA-1 is used for hashing. A local attacker with administrative privileges could exploit this weakness to obtain the password on the targeted system, enabling them to take control of the application and ...

WordPress Plugin SALESmanago Authorization Issues Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers running PHP and MySQL.WordPress plugin i...

Researchers Decrypted Qakbot Banking Trojan's Encrypted Registry Keys

Cybersecurity researchers have decoded the mechanism by which the versatile Qakbot banking trojan handles the insertion of encrypted configuration data into the Windows Registry. Qakbot, also known as QBot, QuackBot and Pinkslipbot, has been observed in the wild since 2007. Although mainly...

in hascheksolutions/pictshare

BUG ========== sha1 comparision bypass DETAILS ============= There is vulnerable code which can bypass file sha1 hash checking bypass function sha1Exists$sha1 $handle = fopenROOT.DS.'data'.DS.'sha1.csv', "r"; if $handle while $line = fgets$handle !== false ifsubstr$line,0,40==$sha1 return...

End of support for Office 2010

End of support for Office 2010 Support for Office 2010 ended on October 13, 2020 and there will be no extension and no extended security updates.Buy or try Microsoft 365 Tip: Not sure what version of Office you have? See Find details for other versions of Office to help you determine what version...

Servicing stack update for Windows 10, version 1809: November 10, 2020

Servicing stack update for Windows 10, version 1809: November 10, 2020 This update applies to the following: ​Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows Server 2019 Windows Server 2019 Server Cor...

Servicing stack update for Windows 10, version 2004 and 20H2: November 10, 2020

Servicing stack update for Windows 10, version 2004 and 20H2: November 10, 2020 This update applies to the following: ​Windows 10, version 2004 for 32-bit Systems Windows 10, version 2004 for x64-based Systems Windows 10, version 2004 for ARM64-based Systems Windows Server, version 2004 Server Co...

Description of the security update for Office 2010: October 13, 2020

Description of the security update for Office 2010: October 13, 2020 Summary This security update resolves remote code execution vulnerabilities that exist in Microsoft Office software when the software fails to properly handle objects in memory. To learn more about these vulnerabilities, see...