20 matches found
CVE-2026-22920
...
CVE-2026-22920
This CVE entry is rejected/not used and does not represent an active vulnerability entry.
PT-2026-3001
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The device's passwords have not been adequately salted, making them vulnerable to password extraction attacks. Recommendations At the moment, there is no...
EUVD-2020-2991
Malware in sbrugna...
EUVD-2022-43592
Malicious code in bioql PyPI...
PT-2025-40401
Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments affected versions not specified Description The software stores user passwords using unsalted SHA-512 hashes, with a fallback to unsalted SHA-1. The...
4C Strategies Exonaut 安全漏洞
4C Strategies Exonaut is a training, exercise and readiness management platform from the Swedish company 4C Strategies. A security vulnerability exists in 4C Strategies Exonaut version 21.6 that stems from an unsalted hash of passwords stored in the database...
CVE-2025-32471
The device’s passwords have not been adequately salted, making them vulnerable to password extraction attacks...
SICK FLX0-GPNT100和SICK FLX3-CPUC200 安全漏洞
The SICK FLX0-GPNT100 and SICK FLX3-CPUC200 are both products of SICK, Germany.The SICK FLX0-GPNT100 is a photoelectric sensor for precise object detection and localization in industrial automation.The SICK FLX3-CPUC200 is a high-performance photoelectric sensor controller designed for complex SI...
SUSE CVE-2006-1058
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables...
CVE-2022-40295
The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks...
CVE-2022-40295
The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks...
CVE-2022-40295
The CVE-2022-40295 entry concerns PHP Point of Sale v19.0, where an authenticated information disclosure allows administrators to view unsalted user passwords, enabling offline attacks to recover plaintext passwords. The vulnerability is described consistently across NVD/CVE records and related s...
PT-2022-25331 · Unknown · Application
Name of the Vulnerable Software and Affected Versions: Application affected versions not specified Description: The issue allows authenticated information disclosure, enabling administrators to view unsalted user passwords. This could lead to the compromise of plaintext passwords via offline...
SUSE SLES12 Security Update : zabbix (SUSE-SU-2021:0990-1)
This update for zabbix fixes the following issues : CVE-2021-27927: Fixed an improper CSRF protection mechanism bsc1183014. CVE-2013-7484: Fixed an issue where passwords in the users table were unsalted bsc1158321. Note that Tenable Network Security has extracted the preceding description block...
SUSE-SU-2021:0990-1 Security update for zabbix
This update for zabbix fixes the following issues: - CVE-2021-27927: Fixed an improper CSRF protection mechanism bsc1183014. - CVE-2013-7484: Fixed an issue where passwords in the users table were unsalted bsc1158321...
CVE-2013-7484
Zabbix before 5.0 represents passwords in the users table with unsalted MD5...
UBUNTU-CVE-2013-7484
Zabbix before 5.0 represents passwords in the users table with unsalted MD5...
Ncentral 8.x Insecure Access / Unsalted Passwords / CSRF Vulnerabilities
Ncentral versions 8.0.x through 8.2.0-1152 suffer from insecure SOAP access that leads to an unprivileged SSH session, poor trust based authentication leading to database compromise, plain text password storage, cross site request forgery, and other vulnerabilities. RA001: Multiple vulnerabilitie...
PT-2006-2092 · Busybox +1 · Busybox +1
Name of the Vulnerable Software and Affected Versions: BusyBox version 1.1.1 Description: The issue is related to password generation, where a salt is not used, making it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables. Recommendations...