Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-916

CWE-916

Use of Password Hash With Insufficient Computational Effort

Parent: CWE-328 - Use of Weak Hash

The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.

115 vulnerabilities with CWE-916

CVE-2022-36071 HIGH

SFTPGo 2.2.0-2.3.3 - Two-Factor Authentication Bypass via Recovery Code Generation

CVE-2022-29731 MEDIUM

ICT Protege GX/WX <2.08 - Info Disclosure

CVE-2022-24041 MEDIUM

Desigo DXR2, PXC3, PXC4, PXC5 < V01.21.142.5-22, V02.20.142.10-1088...

CVE-2022-1235 HIGH

GitHub livehelperchat/livehelperchat <3.96 - Info Disclosure

CVE-2022-23348 MEDIUM

BigAnt Server <5.6.06 - Info Disclosure

CVE-2022-0022 MEDIUM

Palo Alto Networks PAN-OS - Password Cracking

CVE-2021-32997 HIGH

Baker Hughes Bentley Nevada - Info Disclosure

CVE-2021-26113 MEDIUM

FortiWAN < 4.5.9 - Use of Password Hash With Insufficient Computational Effort

CVE-2021-43989 HIGH

mySCADA myPRO <8.20.0 - Info Disclosure

CVE-2021-38979 HIGH

IBM Tivoli Key Lifecycle Manager <4.1 - Info Disclosure

CVE-2021-39182 HIGH

EnroCrypt < 1.1.4 - Use of Broken MD5 Hashing Algorithm

CVE-2021-36767 CRITICAL

Digi RealPort <4.10.490 - Info Disclosure

CVE-2021-38400 MEDIUM

Boston Scientific Zoom Latitude Model 3120 - Info Disclosure

CVE-2021-38314 MEDIUM

Gutenberg Template Library & Redux Framework <= 4.2.11 - Sensitive Information Exposure

CVE-2021-33003 MEDIUM

Delta Electronics DIAEnergie <1.7.5 - Info Disclosure

CVE-2021-37551 MEDIUM

JetBrains YouTrack <2021.2.16363 - Info Disclosure

CVE-2021-32596 MEDIUM

FortiPortal <6.04 - Info Disclosure

CVE-2021-22774 HIGH

EVlink City/EVlink Parking/EVlink Smart Wallbox <R8 V3.4.0.1 - Info...

CVE-2021-32519 CRITICAL

QSAN Storage Manager <3.3.2, XEVO <2.1.0, SANOS <2.1.0 - Info Discl...

CVE-2021-22741 MEDIUM

ClearSCADA/EcoStruxure Geo SCADA Expert <2020 V83.7742.1 - Info Dis...

CVE-2021-33563 HIGH

Koel < 5.1.4 - Insufficient Password Hash Computational Effort

CVE-2021-21253 MEDIUM

OnlineVotingSystem <1.1.2 - Info Disclosure

CVE-2020-12069 HIGH

CODESYS V3 <V3.5.16.0 - Privilege Escalation

CVE-2020-16231 HIGH

Bachmann Electronic M-Base Controllers MSYS v1.06.14+ - Info Disclo...

CVE-2020-25754 HIGH

Enphase Envoy R3.x-D4.x - Privilege Escalation

Previous Page 3 of 5 Next

Details

Vulnerabilities 115

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy