CVE-2020-23250

GigaVUE-OS GVOS 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database...

CVE-2019-19397

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks...

IBM Aspera Console Encryption Issue Vulnerability

IBM Aspera Console is a Web-based application from International Business Machines IBM. Allows users to centrally manage, monitor and control Aspera servers nodes and transports. An encryption issue vulnerability exists in IBM Aspera Console 3.4.4 and prior versions, which stems from the use of a...

IBM MQ 加密问题漏洞

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and validated messaging backbone for Service Oriented Architecture SOA. An encryption issue vulnerability exists in IBM MQ Container that stems from the use of a...

CVE-2024-55539

CVE-2024-55539 affects Acronis Cyber Protect Cloud Agent (Linux) and Acronis Cyber Protect 16 (Linux) via use of a weak algorithm to sign RPM packages. Red Hat and other sources corroborate the impact on the listed builds: Acronis Cyber Protect Cloud Agent before 39185 and Acronis Cyber Protect 1...

PT-2024-9986 · Acronis · Acronis Cyber Protect Cloud Agent

Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Cloud Agent Linux before build 39185 Description: The issue is related to the use of a weak algorithm for signing RPM packages in the Acronis Cyber Protect Cloud Agent for Linux. This weakness can potentially allow an...

CVE-2024-51478 Use of a Broken or Risky Cryptographic Algorithm in YesWiki

YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5...

WebNMS Framework Server Credential Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebNMS Framework Server Credential Disclosure', 'Description' = %q This module abuses two vulnerabilities in WebNMS Framework Server 5.2 to extra...

PT-2024-28254 · Horizon Business Services Inc. · Caterease

Name of the Vulnerable Software and Affected Versions: Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 Description: The issue allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation...

Adobe ColdFusion Weak Algorithm Vulnerability

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion suffers from a weak algorithmic vulnerability that stems from the presence of weak...

CVE-2024-25389

RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L seed + 2531011L; return seed 16 & 0x7FFF;" in calcrandom in drivers/misc/rtrandom.c...

CVE-2024-25389

RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L seed + 2531011L; return seed 16 & 0x7FFF;" in calcrandom in drivers/misc/rtrandom.c...

CVE-2024-25389

RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L seed + 2531011L; return seed 16 & 0x7FFF;" in calcrandom in drivers/misc/rtrandom.c...

CVE-2024-25389

The CVE-2024-25389 entry concerns RT-Thread up to version 5.0.2, where the function calc_random (rt_random.c) uses a weak linear congruential generator seed = 214013L * seed + 2531011L; return (seed >> 16) & 0x7FFF;. This results in predictable random numbers and thus potential exploitation...

CVE-2024-25389

RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L seed + 2531011L; return seed 16 & 0x7FFF;" in calcrandom in drivers/misc/rtrandom.c...

IBM Security Verify Directory Encryption Issue Vulnerability

IBM Security Verify Directory is part of an authentication and access management solution from International Business Machines IBM. IBM Security Verify Directory version 10.0.0 suffers from a cryptographic issue vulnerability that stems from the use of weak encryption algorithms, which could be...

CVE-2023-49259 Bruteforcing authentication cookie for a given user

The authentication cookies are generated using an algorithm based on the username, hardcoded secret and the up-time, and can be guessed in a reasonable time...

jose4j uses weak cryptographic algorithm

jose4j before v0.9.3 allows attackers to set a low PBES2 iteration count of 1000 or less...

Apache Linkis Weak Algorithm Vulnerability

Apache Linkis is a library of the U.S. Apache Apache Foundation. Helps to easily connect various backend compute/storage engines. Apache Linkis 1.3.1 and earlier versions have a weak algorithmic vulnerability that stems from an oversimplified default token generated during Linkis Gateway...

Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack

Exploit Title: Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production...