From Wiki:-

A cryptographic hash function should behave as much as possible like a random function while still being deterministic and efficiently computable. A cryptographic hash function is considered "insecure" from a cryptographic point of view, if either of the following is computationally feasible:

- Finding a (previously unseen) message that matches a given hash values.
- Finding "collisions", in which two different messages have the same hash value.

An attacker who can find any of the above computations can use them to substitute an authorized message with an unauthorized one.

My doubt is can the above points 1 and 2 ever occur ?