Lucene search
K

17 matches found

CNNVD
CNNVD
added 2026/02/12 12:0 a.m.7 views

newbee-mall 加密问题漏洞

newbee-mall is an e-commerce system developed by newbee with open source. newbee-mall has encryption-related vulnerabilities; these vulnerabilities stem from the use of the unsalted MD5 hash algorithm for storing and verifying user passwords. This allows attackers to quickly recover plaintext...

9.3CVSS5.8AI score0.00191EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.6 views

Ilevia EVE X1 Server 安全漏洞

Ilevia EVE X1 Server is a smart home and building automation from Ilevia, Italy. A security vulnerability exists in Ilevia EVE X1 Server version 4.7.18.0.eden and prior versions, which stems from storing passwords using the unsalted MD5 hash algorithm, which could lead to an offline dictionary...

8.2CVSS6.6AI score0.0028EPSS
Exploits2References3
Snyk
Snyk
added 2025/08/28 1:33 p.m.2 views

Use of Password Hash With Insufficient Computational Effort

Overview Affected versions of this package are vulnerable to Use of Password Hash With Insufficient Computational Effort due to the use of a simple, unsalted hash for storing user passwords and API keys. An attacker can obtain sensitive information by performing offline rainbow table attacks...

6.9CVSS6.5AI score0.00162EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2013-7484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zabbix before 5.0 represents passwords in the users table with unsalted MD5. CVE-2013-7484 Note that Nessus relies on the presence of the package as reported by...

7.5CVSS7.2AI score0.01211EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/29 12:0 a.m.5 views

IBM Security Verify Governance 安全漏洞

IBM Security Verify Governance is an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risk. IBM Security Verify Governance suffers from a security vulnerability that ste...

4.9CVSS6.4AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/30 12:0 a.m.1 views

PLANET switch devices 安全漏洞

PLANET switch devices are a series of switch devices from PLANET Corporation in China. A security vulnerability exists in PLANET switch devices that stems from the use of an insecure hash function that is not salted to hash user passwords. A remote attacker with administrator privileges could rea...

4.9CVSS6.7AI score0.00301EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/02 12:0 a.m.4 views

Horizon Business Services Caterease 安全漏洞

Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from the use of unsalted unidirection...

7.5CVSS6.9AI score0.00525EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/01/21 12:0 a.m.6 views

OnlineVotingSystem Encryption Problem Vulnerability

Dbijaya OnlineVotingSystem is a Java-based online voting system from the individual developers of Dbijaya. OnlineVotingSystem before version 1.1.2 suffers from a cryptographic vulnerability that stems from not using a salt to hash a user's password, which can be exploited by an attacker to make i...

5.8CVSS6AI score0.00736EPSS
Exploits0References3
OSV
OSV
added 2020/05/04 2:15 p.m.5 views

CVE-2020-8791

The OKLOK 3.1.1 mobile companion app for Fingerprint Bluetooth Padlock FB50 2.3 allows remote attackers to submit API requests using authenticated but unauthorized tokens, resulting in IDOR issues. A remote attacker can use their own token to make unauthorized API requests on behalf of arbitrary...

6.5CVSS6.8AI score0.01022EPSS
Exploits1References1
NVD
NVD
added 2019/11/30 2:15 a.m.23 views

CVE-2013-7484

Zabbix before 5.0 represents passwords in the users table with unsalted MD5...

7.5CVSS7.5AI score0.01211EPSS
Exploits0References3
OSV
OSV
added 2019/11/30 2:15 a.m.8 views

CVE-2013-7484

Zabbix before 5.0 represents passwords in the users table with unsalted MD5...

7.5CVSS9AI score
Exploits0References3
OpenVAS
OpenVAS
added 2017/03/22 12:0 a.m.28 views

McAfee Vulnerability Manager Unsalted Password Vulnerability

McAfee Vulnerability Manager is prone to unsalted password vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS8.9AI score0.00943EPSS
Exploits0References1
CVE
CVE
added 2017/03/14 10:0 p.m.54 views

CVE-2015-8989

McAfee Vulnerability Manager (MVM) – Enterprise Manager web portal is affected by CVE-2015-8989. The vulnerability stems from unsalted passwords stored for user accounts, enabling attackers to brute-force passwords against the MVM database. Affected: McAfee Vulnerability Manager prior to version ...

8.8CVSS8.6AI score0.00943EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/03/14 10:0 p.m.23 views

CVE-2015-8989

Unsalted password vulnerability in the Enterprise Manager web portal component in Intel Security McAfee Vulnerability Manager MVM 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute force attacks against the database...

8.7AI score0.00943EPSS
Exploits0References1
securityvulns
securityvulns
added 2011/12/19 12:0 a.m.168 views

RedTeam Pentesting GmbH

Advisory: Owl Intranet Engine: Information Disclosure and Unsalted Password Hashes The Owl Intranet Engine uses no salting in the password hashing procedure. Furthermore, users in the "Administrators" group are able to see the MD5 password hashes of every user using the web interface. Details...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/01/25 12:0 a.m.38 views

Debian DSA-2150-1 : request-tracker3.6 - unsalted password hashing

It was discovered that Request Tracker, an issue tracking system, stored passwords in its database by using an insufficiently strong hashing method. If an attacker would have access to the password database, he could decode the passwords stored in it. %NASLMINLEVEL 70300 C Tenable Network Securit...

4.3CVSS5.4AI score0.01879EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2008/03/26 12:0 a.m.3 views

PT-2008-3085 · Zyxel · Zyxel Prestige

Name of the Vulnerable Software and Affected Versions: ZyXEL Prestige routers versions 3.40PE9 and 3.40AGD.2 through 3.40AHQ.3 Description: The issue is related to the calculation of an MD5 password hash without using a salt, making it easier for attackers to crack passwords. Recommendations: For...

7.5CVSS7.4AI score0.0089EPSS
Exploits0References5
Rows per page
Query Builder