12 vulnerabilities classified as CWE-836 (在认证机制中使用口令哈希代替口令). AI Chinese analysis included.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-40103 | Vikunja's Scoped API tokens with projects.background permission can delete project backgrounds — vikunja | 4.3 | Medium | 2026-04-10 |
| CVE-2019-25552 | CEWE PHOTO SHOW 6.4.3 Denial of Service via Password Field — CEWE PHOTO SHOW | 7.5 | High | 2026-03-21 |
| CVE-2025-64471 | Fortinet FortiWeb 安全漏洞 — FortiWeb | 4.4 | Medium | 2025-12-09 |
| CVE-2025-52543 | Login to the application services using only the password hash — E3 Supervisory Control | 9.8AI | CriticalAI | 2025-09-02 |
| CVE-2025-48925 | TeleMessage 安全漏洞 — service | 4.3 | Medium | 2025-05-28 |
| CVE-2023-39546 | NEC Expresscluster X 安全漏洞 — CLUSTERPRO X (EXPRESSCLUSTER X) | 8.8 | - | 2023-11-17 |
| CVE-2023-4299 | Digi RealPort Protocol Use of Password Hash Instead of Password for Authentication — Digi RealPort | 9.0 | Critical | 2023-08-31 |
| CVE-2023-34132 | SonicWALL Analytics和GMS 安全漏洞 — GMS | 9.1 | - | 2023-07-13 |
| CVE-2023-23450 | SICK FTMg 授权问题漏洞 — SICK FTMG-ESD15AXX AIR FLOW SENSOR | 6.2 | Medium | 2023-05-15 |
| CVE-2022-32282 | WWBN AVideo 授权问题漏洞 — AVideo | 8.8 | - | 2022-08-22 |
| CVE-2021-23857 | Login with hash — IndraMotion MLC L25, L45, L65, L75, L85, XM21, XM22, XM41 and XM42 IndraMotion XLC | 10.0 | Critical | 2021-10-04 |
| CVE-2017-7927 | 多款大华产品安全漏洞 — Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras | 9.4 | - | 2017-05-06 |
Vulnerabilities classified as CWE-836 (在认证机制中使用口令哈希代替口令) represent 12 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.