124 matches found
Design/Logic Flaw
Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. The vulnerability could allow an attacker to transmit hashed credentials for the user account running t...
Unspecified Vulnerability in WAGO PFC100 and WAGO PFC 200 (CNVD-2020-17497)
The WAGO PFC 200 and WAGO PFC 100 are both programmable logic controllers PLCs from WAGO Germany. A security vulnerability exists in the Web-Based Management web application in the WAGO PFC 200 with firmware versions 03.00.3912 and 03.01.0713 and the PFC100 with firmware version 03.00.3912. The...
CVE-2014-2560
The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
CVE-2009-5140
The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
CVE-2009-5139
The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
Design/Logic Flaw
The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
Design/Logic Flaw
The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
Design/Logic Flaw
The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
CVE-2009-5139
The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
CVE-2009-5140
Technical details are not publicly available in the provided documents for CVE-2009-5140. Monitor for updates.
CVE-2009-5140
The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
CVE-2014-2560
The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
McAfee Advanced Threat Defense (ATD) Information Disclosure Vulnerability (CNVD-2019-41728)
McAfee Advanced Threat Defense ATD is a set of threat detection and defense solutions from the U.S. company McAfee McAfee, providing malware analysis, shared threat intelligence and isolation of compromised systems and other features. An information disclosure vulnerability exists in McAfee...
CVE-2019-3649
Information Disclosure vulnerability in McAfee Advanced Threat Defense ATD prior to 4.8 allows remote authenticated attackers to gain access to hashed credentials via carefully constructed POST request extracting incorrectly recorded data from log files...
CVE-2019-3649
Information Disclosure vulnerability in McAfee Advanced Threat Defense ATD prior to 4.8 allows remote authenticated attackers to gain access to hashed credentials via carefully constructed POST request extracting incorrectly recorded data from log files...
Information disclosure
Information Disclosure vulnerability in McAfee Advanced Threat Defense ATD prior to 4.8 allows remote authenticated attackers to gain access to hashed credentials via carefully constructed POST request extracting incorrectly recorded data from log files...
CVE-2019-3649
CVE-2019-3649 concerns McAfee Advanced Threat Defense (ATD) prior to 4.8. The vulnerability is an information disclosure through a carefully crafted POST request that exploits how log data is recorded, allowing remote authenticated attackers to access hashed credentials stored in logs. The root c...
CVE-2017-14101
A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...
Xxe
A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...
CVE-2017-14101
A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...