CWE:
 

Nic nie znaleziono w bazie WLB2


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2020-08-25
Medium
CVE-2020-14512

Updating...
 

 
GateManager versions prior to 9.2c, The affected product uses a weak hash type, which may allow an attacker to view user passwords.

 
2020-07-14
Low
CVE-2020-10040

Updating...
 

 
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with local access to the device might be able to retrieve some passwords in clear text.

 
2020-06-19
Medium
CVE-2017-18917

Vendor: Mattermost
Software: Mattermost s...
 

 
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. Weak hashing was used for e-mail invitations, OAuth, and e-mail verification tokens.

 
2020-06-15
Medium
CVE-2020-0533

Vendor: Intel
Software: Converged se...
 

 
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

 
2020-03-24
Medium
CVE-2019-20575

Vendor: Google
Software: Android
 

 
An issue was discovered on Samsung mobile devices with P(9.0) software. The WPA3 handshake feature allows a downgrade or dictionary attack. The Samsung ID is SVE-2019-14204 (August 2019).

 
2020-02-12
Low
CVE-2014-2560

Vendor: Phoner
Software: Phonerlite
 

 
The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue.

 
Low
CVE-2009-5139

Vendor: Google
Software: Gizmo5
 

 
The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue.

 
2020-02-10
Medium
CVE-2019-20062

Vendor: Mfscripts
Software: Yetishare
 

 
MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a leaked hash (the hash never expires until used).

 
2019-12-30
Medium
CVE-2019-19735

Vendor: Mfscripts
Software: Yetishare
 

 
class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes (based only on microtime), which allows an attacker to guess the hash and set the password within a few hours by bruteforcing.

 
2019-11-21
Low
CVE-2014-0083

Vendor: Net-ldap project
Software: Net-ldap
 

 
The Ruby net-ldap gem before 0.16.2 uses a weak salt when generating SSHA passwords.

 

 


Copyright 2020, cxsecurity.com

 

Back to Top