映射到 CWE-310,CWE-312,CWE-326 的搜索结果 (1786)

CVE-2016-4457(发布:2017-06-08 14:29:00)NMPS
CVSS5.0

[原文]CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate.

CVE-2016-3019(发布:2017-06-07 13:29:00)NMS
CVSS4.0

[原文]IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462.

CVE-2017-7485(发布:2017-05-12 15:29:00)NMPS
CVSS4.3

[原文]In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server.

CVE-2016-6489(发布:2017-04-14 14:59:00)NMP
CVSS5.0

[原文]The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.

CVE-2016-5056(发布:2017-04-09 23:59:01)NM
CVSS5.0

[原文]OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.

CVE-2016-7585(发布:2017-04-01 21:59:00)NMPS
CVSS2.1

[原文]An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter.

首页上一页56789101112下一页尾页 第7页 / 共298页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站