Lucene search
K

124 matches found

Prion
Prion
added 2020/04/17 3:15 p.m.17 views

Design/Logic Flaw

Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. The vulnerability could allow an attacker to transmit hashed credentials for the user account running t...

6.5CVSS8.6AI score0.00861EPSS
Exploits0References1Affected Software2
CNVD
CNVD
added 2020/03/12 12:0 a.m.2 views

Unspecified Vulnerability in WAGO PFC100 and WAGO PFC 200 (CNVD-2020-17497)

The WAGO PFC 200 and WAGO PFC 100 are both programmable logic controllers PLCs from WAGO Germany. A security vulnerability exists in the Web-Based Management web application in the WAGO PFC 200 with firmware versions 03.00.3912 and 03.01.0713 and the PFC100 with firmware version 03.00.3912. The...

5.3CVSS6.9AI score0.01022EPSS
Exploits1References1
NVD
NVD
added 2020/02/12 2:15 p.m.23 views

CVE-2014-2560

The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

7.5CVSS7.5AI score0.01684EPSS
Exploits5References1
NVD
NVD
added 2020/02/12 2:15 p.m.17 views

CVE-2009-5140

The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

8.8CVSS8.6AI score0.01361EPSS
Exploits4References2
NVD
NVD
added 2020/02/12 2:15 p.m.24 views

CVE-2009-5139

The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

7.5CVSS7.5AI score0.00373EPSS
Exploits4References2
Prion
Prion
added 2020/02/12 2:15 p.m.16 views

Design/Logic Flaw

The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

4.3CVSS7.1AI score0.01684EPSS
Exploits5References1Affected Software1
Prion
Prion
added 2020/02/12 2:15 p.m.17 views

Design/Logic Flaw

The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

4.3CVSS7.2AI score0.01361EPSS
Exploits4References2
Prion
Prion
added 2020/02/12 2:15 p.m.15 views

Design/Logic Flaw

The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

4.3CVSS7.2AI score0.00373EPSS
Exploits4References2
Cvelist
Cvelist
added 2020/02/12 1:29 p.m.48 views

CVE-2009-5139

The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

7.6AI score0.00373EPSS
Exploits4References2
CVE
CVE
added 2020/02/12 1:28 p.m.54 views

CVE-2009-5140

Technical details are not publicly available in the provided documents for CVE-2009-5140. Monitor for updates.

8.8CVSS7.9AI score0.01361EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2020/02/12 1:28 p.m.48 views

CVE-2009-5140

The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

8.6AI score0.01361EPSS
Exploits4References2
Cvelist
Cvelist
added 2020/02/12 1:28 p.m.44 views

CVE-2014-2560

The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...

7.6AI score0.01684EPSS
Exploits5References1
CNVD
CNVD
added 2019/11/14 12:0 a.m.2 views

McAfee Advanced Threat Defense (ATD) Information Disclosure Vulnerability (CNVD-2019-41728)

McAfee Advanced Threat Defense ATD is a set of threat detection and defense solutions from the U.S. company McAfee McAfee, providing malware analysis, shared threat intelligence and isolation of compromised systems and other features. An information disclosure vulnerability exists in McAfee...

6.5CVSS6.3AI score0.00923EPSS
Exploits0References1
NVD
NVD
added 2019/11/13 11:15 p.m.21 views

CVE-2019-3649

Information Disclosure vulnerability in McAfee Advanced Threat Defense ATD prior to 4.8 allows remote authenticated attackers to gain access to hashed credentials via carefully constructed POST request extracting incorrectly recorded data from log files...

6.5CVSS5.3AI score0.00923EPSS
Exploits0References1
OSV
OSV
added 2019/11/13 11:15 p.m.4 views

CVE-2019-3649

Information Disclosure vulnerability in McAfee Advanced Threat Defense ATD prior to 4.8 allows remote authenticated attackers to gain access to hashed credentials via carefully constructed POST request extracting incorrectly recorded data from log files...

6.5CVSS6.7AI score0.00923EPSS
Exploits0References1
Prion
Prion
added 2019/11/13 11:15 p.m.17 views

Information disclosure

Information Disclosure vulnerability in McAfee Advanced Threat Defense ATD prior to 4.8 allows remote authenticated attackers to gain access to hashed credentials via carefully constructed POST request extracting incorrectly recorded data from log files...

4CVSS6.2AI score0.00923EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/11/13 10:30 p.m.54 views

CVE-2019-3649

CVE-2019-3649 concerns McAfee Advanced Threat Defense (ATD) prior to 4.8. The vulnerability is an information disclosure through a carefully crafted POST request that exploits how log data is recorded, allowing remote authenticated attackers to access hashed credentials stored in logs. The root c...

6.5CVSS5.6AI score0.00923EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/12/15 6:29 p.m.12 views

CVE-2017-14101

A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...

9.8CVSS9.2AI score0.01438EPSS
Exploits0References1
Prion
Prion
added 2017/12/15 6:29 p.m.14 views

Xxe

A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...

5CVSS9AI score0.01438EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/12/15 6:0 p.m.17 views

CVE-2017-14101

A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...

9.2AI score0.01438EPSS
Exploits0References1
Rows per page
Query Builder