CVE-2024-56414

The CVE-2024-56414 entry describes a vulnerability in Acronis Cyber Protect 16 for Windows prior to build 39169, where the web installer integrity check uses a weak hash algorithm. Affected product/version: Acronis Cyber Protect 16 (Windows) before build 39169. Impact and exploit details are not ...

CVE-2024-56414

Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 Windows before build 39169...

Vulnerabilities in BIG-IP Next Central Manager allows control of managed devices

Introduction In May 2024, new vulnerabilities have been identified in BIG-IP Next Central Manager, raising considerable security concerns. This discovery follows closely on the heels of a critical vulnerability revealed in April within Palo Alto's firewalls with enabled GlobalProtect feature, whi...

CVE-2024-25102 Information Disclosure Vulnerability in CDAC AppSamvid Software

This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm hash SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this...

PT-2024-20750 · Appsamvid · Appsamvid

Name of the Vulnerable Software and Affected Versions: AppSamvid affected versions not specified Description: The issue is related to the use of a weaker cryptographic algorithm, specifically SHA1, in the user login component. An attacker with local administrative privileges could exploit this to...

AppSamvid Security Vulnerability

AppSamvid is a free application whitelisting software from Cert-In open source. A security vulnerability exists in AppSamvid 2.0.1 and earlier versions, which stems from the use of a weak encryption algorithm hash SHA1 in the user login component, which allows an attacker with local administrativ...

HCL Domino Security Vulnerability

HCL Technologies HCL Domino is an application software from HCL Technologies, Inc. It provides a platform for application development. A security vulnerability exists in HCL Domino that stems from the use of a weak hash encryption algorithm, which could allow an attacker to determine a user's...

CVE-2023-37495

CVE-2023-37495 involves HCL Domino. The vulnerability arises from using a cryptographically weak hash algorithm to secure internet passwords stored in Person documents in the Domino Directory when created via the Add Person action on the People & Groups tab. The issue could allow an attacker with...

PT-2024-12626 · Domino · Domino

Name of the Vulnerable Software and Affected Versions: Domino affected versions not specified Description: The issue is related to the use of a cryptographically weak hash algorithm to secure internet passwords stored in Person documents in the Domino Directory. This weakness could allow attacker...

crypto-js: PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard

A vulnerability was found in crypto-js in how PBKDF2 is 1,000 times weaker than originally specified in 1993 and at least 1,300,000 times weaker than the current industry standard. This issue is because both default to SHA1, a cryptographic hash algorithm considered insecure since at least 2005,...

Bcoin Security Breach

Bcoin is an alternative implementation of the Bitcoin protocol open-sourced by Bcoin. A security vulnerability exists in Bcoin version 2.2.0, which stems from a vulnerability that allows remote attackers to obtain sensitive information via a weak hash algorithm in the component...

CVE-2023-34433

PiiGAB M-Bus stores passwords using a weak hash algorithm...

CVE-2023-34433 PiiGAB M-Bus Use of Password Hash With Insufficient Computational Effort

PiiGAB M-Bus stores passwords using a weak hash algorithm...

CVE-2023-34433

PiiGAB M-Bus stores passwords using a weak hash algorithm (CVE-2023-34433). Affected product area: M-Bus SoftwarePack 900S. Root cause: password storage using an insufficient computational hash. Impact is substantial (confidentiality, integrity, and availability concerns) per documented CVSS vect...

PT-2023-24875 · Unknown · Piigab M-Bus

Name of the Vulnerable Software and Affected Versions: PiiGAB M-Bus affected versions not specified Description: The issue concerns the use of a weak hash algorithm for storing passwords. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

The vulnerability of the password reset mechanism of the Automation Education System Apex-VUZ allows a hacker to obtain the user’s password.

The vulnerability of the user password reset mechanism in the Apex-VUZ automation system is related to the use of the SHA-1 encryption algorithm, which lacks sufficient robustness. Exploiting this vulnerability could allow an attacker operating remotely to obtain the user’s password...

CVE-2023-0452

Econolite EOS versions prior to 3.2.23 use a weak hash algorithm for encrypting privileged user credentials. A configuration file that is accessible without authentication uses MD5 hashes for encrypting credentials, including those of administrators and technicians...

CVE-2023-0452

Summary of CVE-2023-0452 : Econolite EOS before 3.2.23 uses a weak hash (MD5) to encrypt privileged credentials in a configuration file that is accessible without authentication. This can expose administrator/technician credentials and related data. The issue is documented in multiple connected s...

CVE-2023-0452

Econolite EOS versions prior to 3.2.23 use a weak hash algorithm for encrypting privileged user credentials. A configuration file that is accessible without authentication uses MD5 hashes for encrypting credentials, including those of administrators and technicians...

DIAEnergie Weak Hash Algorithm Vulnerability

DIAEnergie is an industrial energy management system from Delta Electronics. A weak hash algorithm vulnerability exists in DIAEnergie 1.7.5 and earlier versions. An attacker can exploit this vulnerability to retrieve plaintext passwords...