CWE:
 

Topic
Date
Author
Med.
Dolibarr 4.0.4 SQL Injection / XSS / Weaknesses
11.05.2017
FOXMOLE
Med.
Password Safe And Repository Enterprise 7.4.4 Build 2247 Crypto Issues
13.10.2015
Matthias Deeg
Low
Kaspersky Anti-Virus 15.0.1.415 Unsalted Hash
02.10.2015
Sven Freund and Matthi...
Low
Kaspersky Endpoint Security For Windows 8.1.0.1042 / 10.2.1.23 Unsalted Hash
02.10.2015
Sven Freund and Matthi...
Low
Kaspersky Internet Security 15.0.2.361 Unsalted Hash
02.10.2015
Matthias Deeg and Sven...
Low
Kaspersky Total Security 15.0.1.415 Unsalted Hash
02.10.2015
Matthias Deeg and Sven...
Low
Kaspersky Small Office Security 13.0.4.233 Unsalted Hash
02.10.2015
Matthias Deeg and Sven...
Low
FancyFon FAMOC 3.16.5 Missing Salt
28.01.2015
Matthias Deeg


CVEMAP Search Results

CVE
Details
Description
2022-04-14
Medium
CVE-2020-25164

Updating...
 

 
A vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to recover user credentials of the administrative interface.

 
2021-01-21
Waiting for details
CVE-2021-21253

Updating...
 

 
OnlineVotingSystem is an open source project hosted on GitHub. OnlineVotingSystem before version 1.1.2 hashes user passwords without a salt, which is vulnerable to dictionary attacks. Therefore there is a threat of security breach in the voting system. Without a salt, it is much easier for attackers to pre-compute the hash value using dictionary attack techniques such as rainbow tables to crack passwords. This problem is fixed and published in version 1.1.2. A long randomly generated salt is added to the password hash function to better protect passwords stored in the voting system.

 
2020-09-23
Waiting for details
CVE-2020-16244

Updating...
 

 
GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt passwords. This design flaw, along with the IDOR vulnerability, puts the entire platform at high risk because an authenticated user can retrieve all user account data and then retrieve the actual passwords.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top