映射到 CWE-310,CWE-312,CWE-326 的搜索结果 (1786)

CVE-2016-2379(发布:2017-03-29 16:59:00)NMP
CVSS3.3

[原文]The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain login access by eavesdropping on login messages and re-using the hashed passwords.

CVE-2015-8234(发布:2017-03-29 10:59:00)NMS
CVSS4.3

[原文]The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision.

CVE-2016-9121(发布:2017-03-27 22:59:00)NM
CVSS6.4

[原文]go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making it vulnerable to an invalid curve attack.

CVE-2016-6225(发布:2017-03-23 12:59:00)NM
CVSS4.3

[原文]xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6394.

CVE-2016-2879(发布:2017-03-01 16:59:00)NMS
CVSS2.1

[原文]IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. IBM Reference #: 1997341.

CVE-2015-4056(发布:2017-02-21 14:59:00)NMCPS
CVSS2.1

[CNNVD]VCE Vision Intelligent Operations 本地安全漏洞--VCE Vision Intelligent Operations是美国VCE公司的一套支持跨多种系统的数据中心软件。该软件提供融合基础设施管理、系统健康检查等功能。 VCE Vision Intelligent Operations中存在本地安全漏洞。本地攻击者可利用该漏洞获取...

首页上一页678910111213下一页尾页 第8页 / 共298页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站