CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2019-09-05
Medium
CVE-2019-15947

Vendor: Bitcoin
Software: Bitcoin-qt
 

 
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500" command.

 
2019-08-05
Low
CVE-2019-14664

Vendor: Enigmail
Software: Enigmail
 

 
In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, he unknowingly leaks the plaintext of the encrypted message part(s) back to the attacker. This attack variant bypasses protection mechanisms implemented after the "EFAIL" attacks.

 
2019-08-01
Medium
CVE-2019-14332

Vendor: Dlink
Software: 6600-ap firmware
 

 
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is use of weak ciphers for SSH such as diffie-hellman-group1-sha1.

 
2019-07-03
Medium
CVE-2018-18325

Vendor: Dnnsoftware
Software: Dotnetnuke
 

 
DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.

 
Medium
CVE-2018-15811

Vendor: Dnnsoftware
Software: Dotnetnuke
 

 
DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.

 
2019-07-01
Low
CVE-2019-4102

Vendor: IBM
Software: DB2
 

 
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158092.

 
2019-06-28
Medium
CVE-2018-20810

Vendor: Pulsesecure
Software: Pulse connec...
 

 
Session data between cluster nodes during cluster synchronization is not properly encrypted in Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX, PPS 5.2RX, or stand-alone devices.

 
2019-06-25
Low
CVE-2019-4151

Vendor: IBM
Software: Security acc...
 

 
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158512.

 
2019-05-29
Medium
CVE-2019-4256

Vendor: IBM
Software: Api connect
 

 
IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 159944.

 
2019-05-01
Medium
CVE-2018-1608

Vendor: IBM
Software: Rational eng...
 

 
IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 143798.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top