CVE-2023-41646

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-916
View all →

Vulnerability Description

Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/

Related Vulnerabilities

CVE-2018-15717

MEDIUM
CVSS:5.3(Medium)

Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes.

CWE-9162018

CVE-2019-12737

MEDIUM
CVSS:5.3(Medium)

UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials.

CWE-9162019

CVE-2021-37551

MEDIUM
CVSS:5.3(Medium)

In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256.

CWE-9162021

CVE-2022-23348

MEDIUM
CVSS:5.3(Medium)

BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.

CWE-9162022

CVE-2024-29886

MEDIUM
CVSS:5.3(Medium)

Serverpod is an app and web server, built for the Flutter and Dart ecosystem. An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database w...

CWE-9162024