Lucene search
+L

685 matches found

securityvulns
securityvulns
added 2011/11/01 12:0 a.m.24 views

Nova weak cryptography

It's possible to computer EC2SECRETKEY with known EC2ACCESSKEY...

2.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/09/15 12:0 a.m.331 views

PCI DSS Compliance : Insecure Communication Has Been Detected

Applications that fail to adequately encrypt network traffic using strong cryptography are at increased risk of being compromised and exposing cardholder data. An attacker who is able to exploit weak cryptographic processes can gain control of an application or even gain cleartext access to...

5.5AI score
Exploits0
securityvulns
securityvulns
added 2011/02/17 12:0 a.m.24 views

Tembria Server Monitor security vulnerability

Weak cryptography, crossite scripting...

2.4AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2011/02/17 12:0 a.m.75 views

Tembria Server Monitor Weak Cryptographic Password Storage Vulnerability

Tembria Server Monitor Weak Cryptographic Password Storage Vulnerability Solutionary ID: SERT-VDN-1004 Solutionary Disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Tembria-Server-Monitor-Weak-Xpto-Pwd-Storage.html CVE ID: Pending Product: Tembria Server Monitor Application...

0.4AI score
Exploits0
NVD
NVD
added 2008/04/18 3:5 p.m.19 views

CVE-2008-1886

The NeffyLauncher 1.0.5 ActiveX control NeffyLauncher.dll in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be us...

7.5CVSS6.9AI score0.06658EPSS
Exploits0References4
Prion
Prion
added 2008/04/18 3:5 p.m.14 views

Design/Logic Flaw

The NeffyLauncher 1.0.5 ActiveX control NeffyLauncher.dll in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be us...

7.5CVSS7.5AI score0.06658EPSS
Exploits0References4
Cvelist
Cvelist
added 2008/04/18 3:0 p.m.29 views

CVE-2008-1886

The NeffyLauncher 1.0.5 ActiveX control NeffyLauncher.dll in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be us...

6.9AI score0.06658EPSS
Exploits0References4
CVE
CVE
added 2008/04/18 3:0 p.m.40 views

CVE-2008-1886

The CVE-2008-1886 issue concerns the NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) used in CDNetworks Nefficient Download. The root cause is weak cryptography applied to a KeyCode that blocks unauthorized use of the control, allowing remote attackers to bypass the protection mechanism b...

7.5CVSS6.9AI score0.06658EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2008/03/17 12:0 a.m.42 views

Raidsonic nas-4220 weak cryptography

Encryption key is stored with data...

2AI score
Exploits0References1
securityvulns
securityvulns
added 2007/11/26 12:0 a.m.40 views

Citrix NetScaler weak cryptography

Username/password are stored as a part of cookie with encryption XORing with reused key, making it's possible to discover parts of the password...

4.3CVSS2.1AI score0.03579EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2007/11/01 4:46 p.m.12 views

Design/Logic Flaw

The Globe7 soft phone client 7.3 uses weak cryptography reversed sequence of binary values for the password, which might allow local users to obtain sensitive information...

2.1CVSS6.4AI score0.003EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/11/01 4:46 p.m.15 views

CVE-2007-5790

The Globe7 soft phone client 7.3 uses weak cryptography reversed sequence of binary values for the password, which might allow local users to obtain sensitive information...

2.1CVSS6.2AI score0.003EPSS
Exploits0References4
CVE
CVE
added 2007/11/01 4:4 p.m.39 views

CVE-2007-5790

The CVE-2007-5790 entry concerns the Globe7 soft phone client 7.3, where the password is protected by weak cryptography described as a reversed sequence of binary values. This vulnerability could allow local users to obtain sensitive information. The available documents state the impact as partia...

2.1CVSS6.2AI score0.003EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/11/01 4:4 p.m.18 views

CVE-2007-5790

The Globe7 soft phone client 7.3 uses weak cryptography reversed sequence of binary values for the password, which might allow local users to obtain sensitive information...

6.2AI score0.003EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/08/08 1:52 a.m.18 views

CVE-2005-4860

Spectrum Cash Receipting System before 6.504 uses weak cryptography static substitution in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password...

7.7AI score0.00198EPSS
Exploits0References3
CVE
CVE
added 2007/08/08 1:52 a.m.41 views

CVE-2005-4860

Spectrum Cash Receipting System prior to version 6.504 is vulnerable due to weak cryptography (static substitution) in the PASSFILE password file, enabling local users to gain privileges by decrypting a password. Affected: Spectrum Cash Receipting System before 6.504. Root cause: use of static su...

7.8CVSS7.1AI score0.00198EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2007/08/04 12:0 a.m.10 views

CVE-2007-4150

The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...

6.3AI score0.01046EPSS
Exploits0References3
Prion
Prion
added 2007/08/03 8:17 p.m.22 views

Design/Logic Flaw

The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...

5CVSS6.5AI score0.01046EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2007/08/03 8:17 p.m.19 views

CVE-2007-4150

The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...

7.5CVSS7.3AI score0.01046EPSS
Exploits0References3
CVE
CVE
added 2007/08/03 8:0 p.m.55 views

CVE-2007-4150

The CVE-2007-4150 issue affects Visionsoft Audit 12.4.0.0 (Visionsoft Audit) where weak cryptography (XOR) is used for passwords: during transmission over the network (passwords can be sniffed) and in the configuration file (local read access can reveal passwords). No further exploit details are ...

7.5CVSS7.3AI score0.01046EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder