Lucene search
K

243 matches found

NVD
NVD
added 2026/05/12 10:16 a.m.46 views

CVE-2026-8072

Insecure generation of credentials in the local SAT Technical Support access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an...

9.2CVSS0.00152EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/12 9:57 a.m.5 views

CVE-2026-8072

Insecure generation of credentials in the local SAT Technical Support access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an...

9.2CVSS5.8AI score0.00152EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/12 9:57 a.m.75 views

CVE-2026-8072 Insecure generation of SAT access credentials in Ingecon EMS Board

Insecure generation of credentials in the local SAT Technical Support access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an...

9.2CVSS0.00152EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 9:57 a.m.27 views

CVE-2026-8072

CVE-2026-8072 affects the Ingecon Sun EMS Board, via insecure generation of local SAT (Technical Support) access credentials. The root cause is a weak cryptographic scheme used to derive secret credentials, enabling privilege escalation. The CVSS vector indicates Network access, high attack compl...

9.2CVSS5.8AI score0.00152EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 9:57 a.m.9 views

CVE-2026-8072 Insecure generation of SAT access credentials in Ingecon EMS Board

Insecure generation of credentials in the local SAT Technical Support access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an...

9.2CVSS5.8AI score0.00152EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40003

Insecure generation of credentials in the local SAT Technical Support access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an...

9.2CVSS5.8AI score0.00152EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Ingeteam Ingecon Sun EMS Board 加密问题漏洞

The Ingeteam Ingecon Sun EMS Board is a control and communication expansion card developed by Ingeteam for photovoltaic power generation and energy management scenarios. The Ingeteam Ingecon Sun EMS Board has encryption-related vulnerabilities. These vulnerabilities stem from insecure credential...

9.2CVSS5.8AI score0.00152EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 6:33 p.m.28 views

EUVD-2026-27390

A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...

2.6CVSS5.1AI score0.0014EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

WordPress plugin Subscribe To Comments Reloaded 信息泄露漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.16 views

PT-2026-35379

A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update user.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's...

6.3CVSS4.2AI score0.00188EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.10 views

Code-Projects Chat System 加密问题漏洞

Code-Projects Chat System is an open-source chat system developed by Code-Projects. Version 1.0 of the code-projects Chat System has a security vulnerability related to encryption. This vulnerability stems from the parameter “Password” in the MD5 Hash Handler component’s “updateuser.php” file,...

6.3CVSS5.8AI score0.00188EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/21 1:38 a.m.3 views

CVE-2026-40496 FreeScout has Predictable Attachment Token that Allows Unauthenticated Private File Download via Brute Force

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, attachment download tokens are generated using a weak and predictable formula: md5APPKEY + attachmentid + size. Since attachmentid is sequential and size can be brute-forced in a small range, an unauthenticate...

9.3CVSS5.7AI score0.00403EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/15 12:7 p.m.4 views

SUSE CVE-2017-18917

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. Weak hashing was used for e-mail invitations, OAuth, and e-mail verification tokens...

7.5CVSS5.8AI score0.00717EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/06 12:24 a.m.6 views

SUSE CVE-2026-30790

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

9.8CVSS5.7AI score0.00225EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/05 6:31 p.m.7 views

EUVD-2026-9835

Improper Restriction of Excessive Authentication Attempts, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Peer authentication, API login modules, rustdesk-server RustDesk Server OSS...

9.3CVSS5.9AI score0.00225EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/05 4:4 p.m.32 views

CVE-2026-30785 RustDesk Encrypts Local Passwords with World-Readable Machine ID and Fixed Zero Nonce (XSalsa20-Poly1305)

Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution', Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbbcommon on Windows, MacOS, Linux Password security module, config encryption, machine U...

8.2CVSS0.00083EPSS
Exploits1References4
OSV
OSV
added 2026/02/17 6:9 p.m.5 views

GO-2026-4463 Mattermost Server uses weak hashing for OAuth, email verification tokens and invitations in github.com/mattermost/mattermost-server

Mattermost Server uses weak hashing for OAuth, email verification tokens and invitations in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

7.5CVSS5.6AI score0.00717EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/01/31 10:47 p.m.159 views

security-code-analyzer

security-code-analyzer An...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 11:37 a.m.9 views

CVE-2003-1480

MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods...

4.3CVSS7AI score0.02666EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:27 a.m.10 views

CVE-2021-33003

Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords in cleartext due to a weak hashing algorithm...

5.5CVSS6.8AI score0.00172EPSS
Exploits0References1
Rows per page
Query Builder