27 matches found
CVE-2026-10540
The Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects Control-M/Enterprise Manager unsupported versions 9.0.20.x and potentiall...
CVE-2023-4986
A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901. Affected by this vulnerability is an unknown functionality of the file Project.xml. The manipulation leads to password hash with insufficient computational effort. Local access is required to approach this...
CVE-2022-23348
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes...
CVE-2025-13532 Weak Password Hash in Core Privileged Access Manager (BoKS)
Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...
CVE-2025-13532 Weak Password Hash in Core Privileged Access Manager (BoKS)
Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...
PT-2025-51782
Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...
EUVD-2022-28427
Malicious code in bioql PyPI...
EUVD-2022-43556
Malicious code in bioql PyPI...
The vulnerability of the device management platform for systems involving heating, ventilation, and air conditioning, lighting, and energy consumption within the Niagara Framework, along with the Niagara Enterprise Security tools for access control and security, stems from insufficient calculation of password hashes. This allows attackers to gain access to the device.
The vulnerability of the device management platform for systems involving heating, ventilation, and air conditioning, lighting, and energy consumption, as well as the Niagara Framework and the access control and security measures, is related to insufficient calculation of password hashes...
CVE-2025-7789 Xuxueli xxl-job Token Generation IndexController.java makeToken weak password hash
A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the function makeToken of the file src/main/java/com/xxl/job/admin/controller/IndexController.java of the component Token Generation. The manipulation leads to password hash with...
Beta80 Life 1st 安全漏洞
Beta80 Life 1st is a complete suite for managing PSAPs from Beta80. A security vulnerability exists in Beta80 Life 1st version 1.5.2.14234, which stems from the use of insecure or risky encryption algorithms, insufficient computation of password hashes, weak hashes, and unidirectional hashes with...
CVE-2022-40258
AMI Megarac Weak password hashes for Redfish & API...
CVE-2023-37495
Internet passwords stored in Person documents in the Domino® Directory created using the "Add Person" action on the People & Groups tab in the Domino® Administrator are secured using a cryptographically weak hash algorithm. This could enable attackers with access to the hashed value to determine ...
Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software
Two more supply chain security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller BMC software, nearly two months after three security vulnerabilities were brought to light in the same product. Firmware security firm Eclypsium said the two shortcomings were held back until n...
Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software
Two more supply chain security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller BMC software, nearly two months after three security vulnerabilities were brought to light in the same product. Firmware security firm Eclypsium said the two shortcomings were held back until n...
CVE-2022-40258
AMI Megarac Weak password hashes for Redfish & API...
Design/Logic Flaw
AMI Megarac Weak password hashes for Redfish & API...
CVE-2022-40258
CVE-2022-40258 affects AMI MegaRAC BMC software, describing weak password hashes for Redfish and API. Technical details from connected sources show that older MegaRAC devices use MD5 with a global salt, while newer devices use SHA-512 with per-user salts, enabling potential password cracking. Rel...
CVE-2022-40258 Weak password hashes for Redfish & API
AMI Megarac Weak password hashes for Redfish & API...
CVE-2022-23348
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes...