Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-34914 | 2024-07-03 | N/A | 5.3 MEDIUM | ||
php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a weak hashing algorithm for its remember_key value. This allows attackers to bruteforce to bruteforce the remember_key value to gain access to accounts that have checked "remember me" when logging in. | |||||
CVE-2024-32211 | 2024-07-03 | N/A | 5.5 MEDIUM | ||
An issue in LOGINT LoMag Inventory Management v1.0.20.120 and before allows a local attacker to obtain sensitive information via the UserClass.cs and Settings.cs components. | |||||
CVE-2023-44319 | 1 Siemens | 142 6ag1206-2bb00-7ac2, 6ag1206-2bb00-7ac2 Firmware, 6ag1206-2bs00-7ac2 and 139 more | 2024-06-11 | N/A | 4.9 MEDIUM |
Affected devices use a weak checksum algorithm to protect the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that tricks a legitimate administrator to upload a modified configuration file to change the configuration of an affected device. | |||||
CVE-2024-1040 | 1 Gesslergmbh | 2 Web-master, Web-master Firmware | 2024-02-07 | N/A | 4.4 MEDIUM |
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device. |