MaxKB 安全漏洞

MaxKB is an open-source question-answering system based on large language models and RAG, developed by 1Panel-dev. Versions of MaxKB prior to 2.9.1 contained a security vulnerability. This vulnerability stemmed from the use of unaltered MD5 hash storage for user passwords, which could make the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004029)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004029 advisory. An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to sen...

EUVD-2019-14668

Malware in sbrugna...

Use of Password Hash With Insufficient Computational Effort

Overview Affected versions of this package are vulnerable to Use of Password Hash With Insufficient Computational Effort due to the use of a simple, unsalted hash for storing user passwords and API keys. An attacker can obtain sensitive information by performing offline rainbow table attacks...

Linux Distros Unpatched Vulnerability : CVE-2019-5061

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before...

CVE-2025-48931

The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities including rainbow tables with low computational effort...

CVE-2025-48931

The CVE-2025-48931 entry concerns TeleMessage service passwords hashed with MD5 (through 2025-05-05). Root cause: MD5-based password hashing enabling rainbow-table and related attacks with low computational effort. Impact is implied as password-cryptography weakness; no explicit exploited vector ...

CVE-2024-47182

Dozzle is a realtime log viewer for docker containers. Before version 8.5.3, the app uses sha-256 as the hash for passwords, which leaves users susceptible to rainbow table attacks. The app switches to bcrypt, a more appropriate hash for passwords, in version 8.5.3...

CVE-2024-47182 Dozzle uses unsafe hash for passwords

Dozzle is a realtime log viewer for docker containers. Before version 8.5.3, the app uses sha-256 as the hash for passwords, which leaves users susceptible to rainbow table attacks. The app switches to bcrypt, a more appropriate hash for passwords, in version 8.5.3...

Horizon Business Services Caterease 安全漏洞

Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from the use of unsalted unidirection...

SUSE CVE-2019-5108

An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2021-0098)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with ze...

CVE-2019-5108

An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different...

CVE-2019-5108

CVE-2019-5108 is an exploitable denial-of-service in the Linux kernel prior to mainline 5.3. An attacker can trigger IAPP location updates for stations before authentication completes by forging Authentication/Association Request packets, leading to potential CAM-table attacks or traffic flapping...

CVE-2019-5061

An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table...

CVE-2019-5061

An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table...

UBUNTU-CVE-2019-5061

An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table...

CVE-2019-5061

An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table...

Linux kernel CAM table denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different...

CVE-2019-6972

An issue was discovered on TP-Link TL-WR1043ND V2 devices. The credentials can be easily decoded and cracked by brute-force, WordList, or Rainbow Table attacks. Specifically, credentials in the "Authorization" cookie are encoded with URL encoding and base64, leading to easy decoding. Also, the...