CWE-759
15 CVEs classified under CWE-759. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-45787 | Critical | 9.1 | 2026-05-28 | electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, const… |
CVE-2025-10205 | High | 8.8 | 2025-09-17 | Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions |
CVE-2023-1430 | Medium | 6.5 | 2023-06-09 | The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2… |
CVE-2020-25164 | Medium | 6.5 | 2022-04-14 | A vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to rec… |
CVE-2026-45027 | Medium | 5.9 | 2026-05-27 | WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, when a user logs in, html/login.php hashes the submitted password using PHP's h… |
CVE-2025-36253 | Medium | 5.9 | 2026-02-02 | IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. |
CVE-2021-21253 | Medium | 5.8 | 2021-01-21 | OnlineVotingSystem is an open source project hosted on GitHub. OnlineVotingSystem before version 1.1.2 hashes user passwords without a salt, which is vulnerabl… |
CVE-2025-53884 | Medium | 5.3 | 2025-09-17 | NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of k… |
CVE-2024-8453 | Medium | 4.9 | 2024-09-30 | Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator… |
CVE-2025-27408 | Medium | 4.8 | 2025-02-28 | Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses SHA3 without a salt… |
CVE-2023-33838 | Medium | 4.4 | 2025-01-29 | IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password… |
CVE-2026-9370 | Low | 3.7 | 2026-05-24 | A weakness has been identified in ulisesbocchio jasypt-spring-boot up to 3.0.5/4.0.4. Affected by this vulnerability is the function getSecretKeySaltGenerator… |
CVE-2025-34208 | | 2025-10-02 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store user passwords using unsalted SHA-512 hashes with a fal… | |
CVE-2025-5922 | | 2025-07-29 | Access to TSplus Remote Access Admin Tool is restricted to administrators (unless "Disable UAC" option is enabled) and requires a PIN code. In versions below v… | |
CVE-2020-16244 | | 2020-09-23 | GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt passwords. This design flaw… |