CWE-760
9 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-760page 1 of 1
- CVE-2018-5552LOWCVSS 2.9EG 3.32018-03-19
Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper".
- CVE-2020-28214MEDIUMCVSS 5.5EG 5.52020-12-11
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tabl…
- CVE-2021-38314MEDIUMCVSS 5.3EG 5.32021-09-02
The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the `includes` function in `redux-core/class-redux-core.php` that were unique to a given …
- CVE-2023-22599HIGHCVSS 7.0EG 9.12023-01-12
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Salt. They send MQTT credentials in re…
- CVE-2024-13951HIGHCVSS 7.6EG 7.62025-05-22
One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
- CVE-2024-38881HIGHCVSS 7.5EG 7.52024-08-02
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Rainbow Table Password cracking attack due to the use of one-way hashes without salts w…
- CVE-2025-26486MEDIUMCVSS 6.0EG 6.02025-03-19
Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacke…
- CVE-2025-9290MEDIUMCVSS 5.9EG 5.92026-01-23
An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to …
- CVE-2026-9370LOWCVSS 3.7EG 3.72026-05-24
A weakness has been identified in ulisesbocchio jasypt-spring-boot up to 3.0.5/4.0.4. Affected by this vulnerability is the function getSecretKeySaltGenerator of the file jasypt-spring-boot/src/main/java/com/ulisesbocchio/jasyptspringboot/…
Map vulnerabilities like CWE-760 to your infrastructure
EchelonGraph correlates every CVE — across CWE-760 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →