Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-328 (可逆的单向哈希) — Vulnerability Class 46

46 vulnerabilities classified as CWE-328 (可逆的单向哈希). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-40164 jq: Algorithmic complexity DoS via hardcoded MurmurHash3 seed — jq 7.5 High2026-04-13
CVE-2026-32129 Poseidon V1 variable-length input collision via implicit zero-padding — rs-soroban-poseidon 7.5AIHighAI2026-03-12
CVE-2025-41762 Secret leak with wwwdnload.cgi — UBR-01 Mk II 6.2 Medium2026-03-09
CVE-2026-27754 SODOLA SL902-SWTGW124AS <= 200.1.20 MD5 Session Token Generation — SODOLA SL902-SWTGW124AS 6.5 Medium2026-02-27
CVE-2025-14636 Tenda AX9 httpd image_check weak hash — AX9 3.7 Low2025-12-13
CVE-2025-11650 Tomofun Furbo 360/Furbo Mini Password shadow weak hash — Furbo 360 1.8 Low2025-10-12
CVE-2025-59354 Dragonfly has weak integrity checks for downloaded files — dragonfly 6.5AIMediumAI2025-09-17
CVE-2025-9078 Weak cache keys lead to post IDOR and link preview poisoning — Mattermost 4.3 Medium2025-09-15
CVE-2025-55053 Baicells多款产品 安全漏洞 — NOVA430e/430i, NOVA436Q, NEUTRINO430, NOVA846 6.5 Medium2025-09-09
CVE-2025-9383 FNKvision Y215 CCTV Camera passwd crypt weak hash — Y215 CCTV Camera 2.5 Low2025-08-24
CVE-2025-54535 JetBrains TeamCity 安全漏洞 — TeamCity 5.8 Medium2025-07-28
CVE-2025-8260 Vaelsys VaelsysV4 Web interface vgrid_server.php weak hash — VaelsysV4 3.1 Low2025-07-28
CVE-2025-41256 Cyberduck and Mountain Duck - Weak Hash Algorithm for Certificate Fingerprint — Cyberduck 7.4 High2025-06-25
CVE-2025-49197 Deprecated TLS version supported — SICK Media Server 6.5 Medium2025-06-12
CVE-2024-23589 HCL Glovius Cloud is susceptible to an Outdated Hash Algorithm vulnerability — HCL Glovius Cloud 6.8 Medium2025-05-30
CVE-2024-38341 IBM Sterling Secure Proxy information disclosure — Sterling Secure Proxy 5.9 Medium2025-05-28
CVE-2025-48931 TeleMessage 安全漏洞 — service 3.2 Low2025-05-28
CVE-2025-41652 Weidmueller: Authentication Bypass Vulnerability in Industrial Ethernet Switches — IE-SW-VL05M-5TX 9.8 Critical2025-05-27
CVE-2025-47276 Actualizer Uses OpenSSL's "-passwd" Function Which Uses SHA512 Under The Hood Instead of Proper Password Hasher like Yescript/Argon2i — Actualizer 7.5 High2025-05-13
CVE-2024-47829 pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect packet overwriting — pnpm 6.5 Medium2025-04-23
CVE-2025-3576 Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions 5.9 Medium2025-04-15
CVE-2025-31130 gitoxide does not detect SHA-1 collision attacks — gitoxide 6.8 Medium2025-04-04
CVE-2025-2920 Netis WF-2404 passwd weak hash — WF-2404 2.0 Low2025-03-28
CVE-2025-0508 MD5 Hash Collision in SageMaker Workflow in aws/sagemaker-python-sdk — aws/sagemaker-python-sdk 7.5 -2025-03-20
CVE-2025-27595 Weak hashing alghrythm — SICK DL100-2xxxxxxx 9.8 Critical2025-03-14
CVE-2024-10026 Improved Seeding and Hashing In gVisor — gVisor 5.3 -2025-01-30
CVE-2025-21604 LangChain4j-AIDeepin Using MD5 to Hash files may cause file upload conflicts — langchain4j-aideepin 8.2 -2025-01-06
CVE-2024-56414 Acronis Cyber Protect 安全漏洞 — Acronis Cyber Protect 16 7.7 -2025-01-02
CVE-2024-56516 free-one-api uses md5 for password storage — free-one-api 9.8 -2024-12-30
CVE-2024-55885 Beego Vulnerable to Collision Hazards of MD5 in Cache Key Filenames — beego 9.1 -2024-12-12

Vulnerabilities classified as CWE-328 (可逆的单向哈希) represent 46 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.