Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:24 a.m.7 views

CVE-2019-10907

Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of airsonic in GlobalSecurityConfig.java. An attacker able to capture cookies might be able to trivially bruteforce offline the passwords of associated users...

9.8CVSS6.8AI score0.00924EPSS
Exploits0References1
OSV
OSV
added 2024/04/12 11:7 a.m.6 views

OESA-2024-1443 libgsasl security update

The library includes support for the SASL framework and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, and NTLM mechanisms. Security Fixes: GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API...

8.1CVSS6.8AI score0.01091EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 11:7 a.m.6 views

OESA-2024-1441 libgsasl security update

The library includes support for the SASL framework and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, and NTLM mechanisms. Security Fixes: GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API...

8.1CVSS6.8AI score0.01091EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 11:7 a.m.6 views

OESA-2024-1445 libgsasl security update

The library includes support for the SASL framework and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, and NTLM mechanisms. Security Fixes: GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API...

8.1CVSS6.8AI score0.01091EPSS
Exploits0References2
NVD
NVD
added 2019/11/09 4:15 a.m.24 views

CVE-2009-5004

qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...

6.5CVSS6.5AI score0.02559EPSS
Exploits0References4
Rows per page
Query Builder