CVEs classified under CWE-759, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2025-10205 — CVSS 8.8 (high): Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions
CVE-2020-16244 — CVSS 7.2 (high): GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt…
CVE-2023-1430 — CVSS 6.5 (medium): The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up…
CVE-2020-25164 — CVSS 6.5 (medium): A vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11…
CVE-2026-45027 — CVSS 5.9 (medium): WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, when a user logs in, html/login.php hashes the submitted…
CVE-2025-36253 — CVSS 5.9 (medium): IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive…
CVE-2025-53884 — CVSS 5.3 (medium): NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline…
CVE-2025-27408 — CVSS 4.8 (medium): Manifest offers users a one-file micro back end. Prior to version 4.9.2, Manifest employs a weak password hashing implementation that uses…
CVE-2023-33838 — CVSS 4.4 (medium): IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible…
CVE-2026-9370 — CVSS 3.7 (low): A weakness has been identified in ulisesbocchio jasypt-spring-boot up to 3.0.5/4.0.4. Affected by this vulnerability is the function…