Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-328

CWE-328

Use of Weak Hash

Parent: CWE-326 - Inadequate Encryption Strength

The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).

79 vulnerabilities with CWE-328

CVE-2025-41762 MEDIUM

MBS Solutions Universal BACnet Router Firmware < 6.0.1.0 - Unauthenticated Sensitive Data Exposure via Weak Backup Hash

CVE-2025-14636 LOW

Tenda AX9 22.03.01.46 - Use of Weak Hash in httpd image_check Function

CVE-2025-11650 LOW

Furbo 360 Dog Camera Firmware < 036 and Furbo Mini Firmware < 074 - Use of Weak Hash in Password Handler

CVE-2025-59354 MEDIUM

Dragonfly < 2.1.0 - Use of Weak Hash via MD5 Collision

CVE-2025-9078 MEDIUM

Mattermost <10.8.4 - Info Disclosure

CVE-2025-55053 MEDIUM

Baicells NOVA and NEUTRINO - Use of Weak Hash

CVE-2025-9383 LOW

FNKvision Y215 CCTV Camera - Weak Hash

CVE-2025-54535 MEDIUM

JetBrains TeamCity <2025.07 - Info Disclosure

CVE-2025-8260 LOW

Vaelsys VaelsysV4 <= 5.1.0/5.4.0 - Use of Weak Hash via xajaxargs Parameter

CVE-2025-41256 HIGH

Cyberduck <9.1.6 - Mountain Duck <4.17.5 - TLS Pinning Weakness

CVE-2025-49197 MEDIUM

SICK media_server < 1.5 - Weak Password Hash for FTP User Account

CVE-2025-48931 LOW

TeleMessage <2025-05-05 - Info Disclosure

CVE-2025-41652 CRITICAL

Weidmueller IE-SW Series - Authentication Bypass via Weak MD5 Hash

CVE-2025-47276 HIGH

Actualizer <1.2.0 - Info Disclosure

CVE-2025-3576 MEDIUM

Red Hat Enterprise Linux - Message Spoofing via RC4-HMAC-MD5 Weakness in MIT Kerberos GSSAPI

CVE-2025-31130 MEDIUM

gitoxide <0.42.0 - Info Disclosure

CVE-2025-2920 LOW

Netis WF-2404 1.1.124EN - Weak Hash

CVE-2025-0508 MEDIUM

SageMaker Workflow - Info Disclosure

CVE-2025-26486 MEDIUM

Beta80 Life 1st Identity Mgr <1.5.2.142 - Info Disclosure

CVE-2025-27595 CRITICAL

SICK DL100-2xxxxxxx - Use of Weak Hash for Password Storage

CVE-2025-21604 MEDIUM

LangChain4j-AIDeepin <3.5.0 - Info Disclosure

CVE-2024-23589 MEDIUM

HCL Glovius Cloud - Info Disclosure

CVE-2024-38341 MEDIUM

IBM Sterling Secure Proxy <6.2.0.1 - Info Disclosure

CVE-2024-47829 MEDIUM

pnpm < 10.0.0 - Use of Weak Hash via MD5 Path Shortening

CVE-2024-10026 MEDIUM

gVisor < 20231030.0 - Weak Hashing and Small Seed/Secret Sizes

Previous Page 2 of 4 Next

Details

Vulnerabilities 79

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy