CVE-2026-33037

WWBN AVideo is an open source video platform. In versions 25.0 and below, the official Docker deployment files docker-compose.yml, env.example ship with the admin password set to "password", which is automatically used to seed the admin account during installation, meaning any instance deployed...

PT-2026-26565

WWBN AVideo is an open source video platform. In versions 25.0 and below, the official Docker deployment files docker-compose.yml, env.example ship with the admin password set to "password", which is automatically used to seed the admin account during installation, meaning any instance deployed...

Security Bulletin: TADDM uses weak SSL certificates (CVE-2012-5770)

Abstract IBM Tivoli Application Dependency Discovery Manager SSL certificate uses weak MD5 hash algorithm Content VULNERABILITY DETAILS: DESCRIPTION: TADDM uses weak certificates for SSL communication what can lead to man in the middle attack. The attacker must have access to traffic between TADD...

Security Bulletin: Weak MD5 Signature Hash - SLOTH (CVE-2015-7575)

Summary IBM SmartCloud Entry is vulnerable to a TLS vulnerability, which allows the attackers exploit this vulnerablility to obtain credentials. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when usi...

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affects IBM Control Center (CVE-2015-4872, CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7 that is used by IBM Sterling Control Center. These issues were disclosed as part of the IBM Java SDK updates in October 2015 and January 2016. This bulletin also addresses the “SLOTH - Weak...

WordPress 4.6.x < 4.6.8 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...

WordPress 4.8.x < 4.8.3 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...

WordPress 3.9.x < 3.9.21 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...

WordPress 3.8.x < 3.8.23 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...

Security Bulletin: IBM Platform Analytics is affected by a vulnerability(CVE-2015-7575)

Summary Java specific advisory for SLOTH - Weak MD5 Signature Hash - For use only when affected by Java and/or when consuming products affected by Java was addressed by IBM Platform Analytics Express,Standard and Advanced Edition. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS...

CVE-2015-3405

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not , which might allow remote attackers to obtain the value of generated MD5...

Design/Logic Flaw

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not , which might allow remote attackers to obtain the value of generated MD5...

Oracle Linux 6 / 7 : ntp (ELSA-2014-2024)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-2024 advisory. - don't generate weak control key for resolver CVE-2014-9293 - don't generate weak MD5 keys in ntp-keygen CVE-2014-9294 - fix buffer overflows via...

EimsCMS V3. 7 a very tasteless of vulnerability-vulnerability warning-the black bar safety net

| EimsCMS V3. 7 0day Default background: admin/login. asp Default database: data/eimscms. mdb Vulnerability file: admin/checklogin. asp --- " Response. Write "" Response. Write "" Response. Write "verify login" Response. Write "" Response. Write "" '-------------------------------------------- Di...

CVE-2007-4419

Admin.php in Olate Download od 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area...