CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

270 matches found

CVE-2026-45701 Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens

Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6...

6.9CVSS0.00027EPSS

Exploits0References3

Snyk•added 2026/05/18 5:27 p.m.•2 views

Use of a Broken or Risky Cryptographic Algorithm

Overview sulu/sulu is a highly extensible open-source PHP content management system based on the Symfony framework. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the use of a weak cryptographical hash algorithm in the User.php and...

6.9CVSS5.8AI score0.00027EPSS

Exploits0References2

Snyk•added 2026/05/05 6:33 p.m.•3 views

Use of a Broken or Risky Cryptographic Algorithm

Overview langchain-chatchat is a Langchain-Chatchat formerly langchain-ChatGLM, local knowledge based LLM like ChatGLM, Qwen and Llama RAG and Agent app with langchain Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the PIL.Image.tobytes...

2.6CVSS5.8AI score0.00014EPSS

Exploits0References2

OSV•added 2026/03/03 9:15 p.m.•0 views

CVE-2025-14480

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS5.8AI score

Exploits0References1

Vulnrichment•added 2026/03/03 8:41 p.m.•1 views

CVE-2025-14480 IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.1CVSS5.9AI score0.00009EPSS

Exploits0References1

Snyk•added 2026/02/09 7:0 p.m.•1 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG due to the UUIDv4 and UUID functions silently returning predictable values, such as the zero UUID, when the cryptographic random number generator fails. An attacker can...

9.8CVSS5.6AI score0.0008EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 9:58 a.m.•4 views

CVE-2020-7001

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed...

7.5CVSS6.6AI score0.00198EPSS

Exploits0References1