映射到 CWE-310,CWE-312,CWE-326 的搜索结果 (1786)
[CNNVD]EllisLab CodeIgniter Cookie 安全漏洞--EllisLab CodeIgniter是美国EllisLab公司的一套针对于PHP网站开发者使用的应用程序开发框架和工具包。
EllisLab CodeIgniter 2.1.4及之前的版本中存在安全漏洞。攻击者可利用该漏洞获取敏感信息。
[原文]Apache Wicket before 1.5.13, 6.x before 6.19.0, and 7.x before 7.0.0-M5 make it easier for attackers to defeat a cryptographic protection mechanism and predict encrypted URLs by leveraging use of CryptoMapper as the default encryption provider.
[原文]IBM QRadar Network Security 5.4 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 128689.
[原文]In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.
[原文]In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration.
[原文]A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V220.127.116.11). The existing TLS protocol implementation could allow an attacker to read and modify data within a TLS session while performing a Man-in-the-Middle (MitM) attack.