4554 matches found
CVE-1999-1167
CVE-1999-1167 describes a Cross-site scripting vulnerability in the Third Voice Web annotation utility. The issue allows remote attackers to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious JavaScript into an annotation. Affected component is the ...
CVE-2001-0645
CVE-2001-0645 affects Symantec/AXENT NetProwler 3.5.x. The provided materials indicate the presence of several default passwords that could permit an attacker to (1) access the management tier via the admin password, and (2) connect to a MySQL ODBC from the management tier using a blank password....
CVE-2001-0261
Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files...
CVE-2000-1092
CVE-2000-1092 affects EZshopper v3.0 and v2.0 where loadpage.cgi fails to properly validate the parameter; inserting a leading “/” can cause local file listing and reading of EZshopper data files. The root cause is insufficient input validation allowing directory traversal-like behavior, enablin...
ADK flaw in recent versions of PGP
Overview Additional Decryption Keys ADKs is a feature introduced into PGP Pretty Good Privacy versions 5.5.x through 6.5.3 that allows authorized extra decryption keys to be added to a user's public key certificate. However, an implementation flaw in PGP allows unsigned ADKs which have been...
CVE-2000-0326
Meeting Maker uses weak encryption a polyalphabetic substitution cipher for passwords, which allows remote attackers to sniff and decrypt passwords for Meeting Maker accounts...
CVE-1999-0607
QuikStore shopping cart vulnerability CVE-1999-0607 affects the CGI script quikstore.cgi in QuikStore. The issue is that quikstore.cfg is stored under the web document root with insufficient access controls, allowing remote attackers to read the cleartext administrator password and gain privilege...
Ogopogo Autothenticate 1.1.5 - Weak Password Encryption
Ogopogo Autothenticate 1.1.5 - Weak Password Encryption source: https://www.securityfocus.com/bid/552/info Autothenticate is an extension for MacOS that remembers usernames and passwords from visited websites, and atomatically enters them when the site is visited again. It can be configured to...
Ogopogo Autothenticate 1.1.5 - Weak Password Encryption
source: https://www.securityfocus.com/bid/552/info Autothenticate is an extension for MacOS that remembers usernames and passwords from visited websites, and atomatically enters them when the site is visited again. It can be configured to store the username and password, the username only, or...
CVE-2021-23057
...
CVE-2022-40555
...
CVE-2010-1839
...
CVE-2022-26072
...
PLEASE_READ_ME: The Opportunistic Ransomware Devastating MySQL Servers
Guardicore Labs uncovers a Ransomware detection campaign targeting MySQL servers. Attackers use Double Extortion and publish data to pressure victims...