Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-916

CWE-916

Use of Password Hash With Insufficient Computational Effort

Parent: CWE-328 - Use of Weak Hash

The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.

115 vulnerabilities with CWE-916

CVE-2024-3183 HIGH

Red Hat Enterprise Linux - Use of Password Hash With Insufficient Computational Effort in FreeIPA

CVE-2024-21754 LOW

FortiProxy 2.0.0-2.0.13 and FortiOS 6.4.0-6.4.14 - Use of Password Hash With Insufficient Computational Effort

CVE-2024-31464 MEDIUM

XWiki Platform 5.0-rc-1-14.10.18 - Authenticated Exposure of Sensitive Information via History Diff Feature

CVE-2024-29886 MEDIUM

Serverpod < 1.2.6 - Use of Password Hash With Insufficient Computational Effort

CVE-2024-2365 LOW

Musicshelf 1.0/1.1 - Use of Password Hash With Insufficient Computational Effort in SHA-1 Handler

CVE-2024-25607 HIGH

Liferay Portal/DXP - Info Disclosure

CVE-2023-33838 MEDIUM

IBM Security Verify Governance 10.0.2 - Info Disclosure

CVE-2023-5846 HIGH

Franklin Fueling System TS-550 <1.9.23.8960 - Info Disclosure

CVE-2023-46233 CRITICAL

crypto-js < 4.2.0 - Use of a Broken or Risky Cryptographic Algorithm

CVE-2023-46133 CRITICAL

CryptoES < 2.1.0 - Use of a Broken or Risky Cryptographic Algorithm

CVE-2023-4986 LOW

Supcon InPlant SCADA <20230901 - Info Disclosure

CVE-2023-41646 MEDIUM

Buttercup v2.20.3 - Info Disclosure

CVE-2023-31412 HIGH

SICK LMS5xx Firmware - Use of Password Hash With Insufficient Computational Effort

CVE-2023-34433 HIGH

PiiGAB M-Bus 900s Firmware - Use of Password Hash With Insufficient Computational Effort

CVE-2023-33243 HIGH

STARFACE < 7.3.0.10 - Authentication Bypass via Password Hash

CVE-2023-27580 HIGH

CodeIgniter Shield <v1.0.0-beta.3 - Info Disclosure

CVE-2023-0567 HIGH

PHP <8.0.28-8.1.16-8.2.3 - Info Disclosure

CVE-2022-3010 HIGH

Priva TopControl Suite - Info Disclosure

CVE-2022-47557 MEDIUM

EkorCCP/EkorRCI - Privilege Escalation

CVE-2022-26115 MEDIUM

FortiSandbox <4.2.0 - Info Disclosure

CVE-2022-40258 MEDIUM

AMI Megarac SPX-12 < 7.00 and SPX-13 < 5.00 - Use of Password Hash With Insufficient Computational Effort

CVE-2022-47732 HIGH

Yeastar N412/N824 Config Pnl 42.x/45.x - Info Disclosure

CVE-2022-40295 MEDIUM

php_point_of_sale - Authenticated Information Disclosure of Unsalted Password Hashes

CVE-2022-37164 CRITICAL

Inoda OnTrack <3.4 - Privilege Escalation

CVE-2022-37163 CRITICAL

Bminusl IHateToBudget v1.5.7 - Info Disclosure

Previous Page 2 of 5 Next

Details

Vulnerabilities 115

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy