Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Positive Technologies
Positive Technologiesadded 2025/12/16 12:0 a.m.4 views

PT-2025-51782

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...

6.2CVSS7.1AI score0.00085EPSS
Exploits0References3
CVE
CVEadded 2025/05/13 3:34 p.m.42 views

CVE-2025-47276

Actualizer (a Debian OS creator) is affected by CVE-2025-47276 in versions before 1.2.0, due to using OpenSSL’s -passwd which hashes with SHA-512. The vulnerability pertains to password hashing quality for root and Alpha accounts across full OS deployments. Remediation is to upgrade to Actualizer...

7.5CVSS7.7AI score0.00243EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2025/05/13 3:34 p.m.6 views

CVE-2025-47276 Actualizer Uses OpenSSL's "-passwd" Function Which Uses SHA512 Under The Hood Instead of Proper Password Hasher like Yescript/Argon2i

Actualizer is a single shell script solution to allow developers and embedded engineers to create Debian operating systems OS. Prior to version 1.2.0, Actualizer uses OpenSSL's "-passwd" function, which uses SHA512 instead of a more suitable password hasher like Yescript/Argon2i. All Actualizer...

7.5CVSS7AI score0.00243EPSS
Exploits0References7
Rows per page
Query Builder