Fallos del tipo CWE-328
80 resultadosCVE-2004-2761CRITICALThe MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacEPSS 9.9%CVE-2024-54143CRITICALopenwrt/asu allows build artifact poisoning via truncated SHA-256 hash and command injectionEPSS 1.9%CVE-2022-3433—The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in theEPSS 0.7%CVE-2022-29249HIGHReversible One-Way Hash and Use of a Broken or Risky Cryptographic Algorithm in io.github.javaezlib.JavaEZEPSS 0.7%CVE-2023-2900LOWNFine Rapid Development Platform CheckLogin weak hashEPSS 0.7%CVE-2023-46233CRITICALcrypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standardEPSS 0.6%CVE-2021-39182HIGHUse of Password Hash With Insufficient Computational Effort and Use of a Broken or Risky Cryptographic Algorithm and Reversible One-Way Hash in hashing.pyEPSS 0.5%CVE-2023-0452CRITICALEconolite EOS versions prior to 3.2.23 use a weak hash
algorithm for encrypting privileged user credentials. A configuration file that
is acEPSS 0.5%CVE-2025-27595CRITICALWeak hashing alghrythmEPSS 0.5%CVE-2022-45141CRITICALSince the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assuEPSS 0.5%CVE-2023-46133CRITICALcrypto-es PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standardEPSS 0.4%CVE-2023-44319MEDIUMA vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM EPSS 0.4%CVE-2024-40465HIGHAn issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the getCacheFileName function in file.go fileEPSS 0.4%CVE-2025-41652CRITICALWeidmueller: Authentication Bypass Vulnerability in Industrial Ethernet SwitchesEPSS 0.4%CVE-2024-52521LOWNextcloud Server has a potential hash collision for background jobs could skip queuing themEPSS 0.4%CVE-2022-43922MEDIUMIBM App Connect Enterprise Certified Container information disclosureEPSS 0.4%CVE-2024-48924HIGHMessagePack allows untrusted data to lead to DoS attack due to hash collisions and stack overflowEPSS 0.4%CVE-2024-55885MEDIUMBeego Vulnerable to Collision Hazards of MD5 in Cache Key FilenamesEPSS 0.3%CVE-2024-56516MEDIUMfree-one-api uses md5 for password storageEPSS 0.3%CVE-2024-8453MEDIUMPLANET Technology switch devices - Weak hash for users' passwordsEPSS 0.3%