#10, 02-17-2005, 07:13
tbone
In cryptography, hashes are primarily used for signing things, which makes them very important for trust relationships. The most common example would be signing an email with a program like PGP. In general, this is done by encrypting the text with your private key. It will only decrypt properly with your public key, which means that anyone who has your public key can verify that the document really came from you.

But, this isn't actually how things go down. It's a bad idea to encrypt large amounts of known text with your private key because in theory someone might be able to reverse your key if they had enough data. So instead, the text that you want to sign is hashed to a much shorter value, and then the hash is what gets encrypted by your private key as the signature. This works well enough in theory, but the problem is this:

When you sign a hash, you are effectively signing every document that could ever be written which would generate that hash. If someone knows how to create a deliberate collision, they could replace the text you "signed" with another message which generates the same hash. No one would be able to tell which text you really meant to sign because you signed the hash, not the text.

There are lots of other applications for hashes in cryptography, most of which deal with verifying the identity of someone or something. For example, hashes are used to verify that a public key really belongs to the person it claims to belong to. The key is too long for humans to easily compare, so you would call me up or meet me in person and ask me for a hash of my public key. The hash would be short and easy, so I would read it to you and you would compare it to the hash of the key you have. If they match, you would assume that the keys were the same. If someone could generate a public key which hashes to the same value as my public key, they could pass off their key as my own, and probably no one would notice the switch.
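The point in the post above about signing the hash rather than the text, shown as an added example that is not part of the original post. It assumes a toy unpadded RSA key built from two known Mersenne primes and a deliberately weak 16-bit hash (the first two bytes of SHA-256) standing in for a hash where collisions are feasible; all function names and messages are constructed for illustration.

```python
import hashlib
from itertools import count

# Toy textbook-RSA key from two known Mersenne primes (constructed for this
# demo; unpadded RSA with public primes is for illustration only).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent

def weak_hash(msg: bytes) -> int:
    """Deliberately weak 16-bit hash: first two bytes of SHA-256."""
    return int.from_bytes(hashlib.sha256(msg).digest()[:2], "big")

def strong_hash(msg: bytes) -> int:
    """Full 256-bit SHA-256 digest as an integer."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def sign(msg: bytes, h) -> int:
    # The signature covers h(msg) only, never the message bytes themselves.
    return pow(h(msg), D, N)

def verify(msg: bytes, sig: int, h) -> bool:
    return pow(sig, E, N) == h(msg)

def find_colliding(target: bytes, prefix: bytes, h) -> bytes:
    """Return a different message (prefix + counter) with the same hash as target."""
    for i in count():
        cand = prefix + str(i).encode()
        if cand != target and h(cand) == h(target):
            return cand

def demo() -> dict:
    signed = b"I agree to pay 10 dollars."  # constructed sample message
    other = find_colliding(signed, b"I agree to pay 10000 dollars. ref=", weak_hash)
    weak_sig = sign(signed, weak_hash)
    strong_sig = sign(signed, strong_hash)
    return {
        "weak_accepts_original": verify(signed, weak_sig, weak_hash),
        "weak_accepts_substitute": verify(other, weak_sig, weak_hash),
        "strong_accepts_original": verify(signed, strong_sig, strong_hash),
        "strong_accepts_substitute": verify(other, strong_sig, strong_hash),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The same signature verifies for both messages under the 16-bit hash, while the full SHA-256 signature rejects the substitute, which is why the collision resistance of the hash bounds the strength of the signature.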