Lucene search
K

27 matches found

NVD
NVD
added 2026/07/01 8:16 a.m.7 views

CVE-2026-10540

The Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects Control-M/Enterprise Manager unsupported versions 9.0.20.x and potentiall...

5.6CVSS0.00078EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.7 views

CVE-2023-4986

A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901. Affected by this vulnerability is an unknown functionality of the file Project.xml. The manipulation leads to password hash with insufficient computational effort. Local access is required to approach this...

2.5CVSS6AI score0.00189EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:54 a.m.10 views

CVE-2022-23348

BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes...

5.3CVSS7.3AI score0.02899EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/16 8:1 p.m.4 views

CVE-2025-13532 Weak Password Hash in Core Privileged Access Manager (BoKS)

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...

6.2CVSS6.7AI score0.00085EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/16 8:1 p.m.26 views

CVE-2025-13532 Weak Password Hash in Core Privileged Access Manager (BoKS)

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...

6.2CVSS0.00085EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.5 views

PT-2025-51782

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...

6.2CVSS7.1AI score0.00085EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-28427

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.02899EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-43556

Malicious code in bioql PyPI...

5.3CVSS7AI score0.00408EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/29 12:0 a.m.22 views

The vulnerability of the device management platform for systems involving heating, ventilation, and air conditioning, lighting, and energy consumption within the Niagara Framework, along with the Niagara Enterprise Security tools for access control and security, stems from insufficient calculation of password hashes. This allows attackers to gain access to the device.

The vulnerability of the device management platform for systems involving heating, ventilation, and air conditioning, lighting, and energy consumption, as well as the Niagara Framework and the access control and security measures, is related to insufficient calculation of password hashes...

10CVSS7.9AI score0.00316EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2025/07/18 3:14 p.m.7 views

CVE-2025-7789 Xuxueli xxl-job Token Generation IndexController.java makeToken weak password hash

A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the function makeToken of the file src/main/java/com/xxl/job/admin/controller/IndexController.java of the component Token Generation. The manipulation leads to password hash with...

6.3CVSS4.3AI score0.0028EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.3 views

Beta80 Life 1st 安全漏洞

Beta80 Life 1st is a complete suite for managing PSAPs from Beta80. A security vulnerability exists in Beta80 Life 1st version 1.5.2.14234, which stems from the use of insecure or risky encryption algorithms, insufficient computation of password hashes, weak hashes, and unidirectional hashes with...

6CVSS6.8AI score0.00113EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/13 6:2 p.m.11 views

CVE-2022-40258

AMI Megarac Weak password hashes for Redfish & API...

5.3CVSS7.3AI score0.00408EPSS
Exploits0References1
OSV
OSV
added 2024/02/29 1:40 a.m.4 views

CVE-2023-37495

Internet passwords stored in Person documents in the Domino® Directory created using the "Add Person" action on the People & Groups tab in the Domino® Administrator are secured using a cryptographically weak hash algorithm. This could enable attackers with access to the hashed value to determine ...

5.9CVSS5.8AI score0.00466EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/02/01 3:14 a.m.3 views

Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software

Two more supply chain security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller BMC software, nearly two months after three security vulnerabilities were brought to light in the same product. Firmware security firm Eclypsium said the two shortcomings were held back until n...

9.8CVSS8.1AI score0.0171EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/02/01 3:14 a.m.61 views

Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software

Two more supply chain security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller BMC software, nearly two months after three security vulnerabilities were brought to light in the same product. Firmware security firm Eclypsium said the two shortcomings were held back until n...

9.8CVSS8.1AI score0.0171EPSS
Exploits0
OSV
OSV
added 2023/01/31 1:15 a.m.2 views

CVE-2022-40258

AMI Megarac Weak password hashes for Redfish & API...

5.3CVSS5.8AI score0.00408EPSS
Exploits0References2
Prion
Prion
added 2023/01/31 1:15 a.m.30 views

Design/Logic Flaw

AMI Megarac Weak password hashes for Redfish & API...

5CVSS5.6AI score0.00408EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2023/01/31 12:53 a.m.63 views

CVE-2022-40258

CVE-2022-40258 affects AMI MegaRAC BMC software, describing weak password hashes for Redfish and API. Technical details from connected sources show that older MegaRAC devices use MD5 with a global salt, while newer devices use SHA-512 with per-user salts, enabling potential password cracking. Rel...

5.3CVSS6AI score0.00408EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2023/01/31 12:53 a.m.31 views

CVE-2022-40258 Weak password hashes for Redfish & API

AMI Megarac Weak password hashes for Redfish & API...

5.3CVSS5.8AI score0.00408EPSS
Exploits0References2
OSV
OSV
added 2022/03/21 8:15 p.m.7 views

CVE-2022-23348

BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes...

5.3CVSS6.1AI score0.02899EPSS
Exploits1References3
Rows per page
Query Builder