| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in the php5 package before 5.3.3-7+squeeze4 in Debian GNU/Linux squeeze, the php5 package before 5.3.2-1ubuntu4.17 in Ubuntu 10.04 LTS, and the php5 package before 5.3.5-1ubuntu7.10 in Ubuntu 11.04, does not properly handle an empty salt string, which might allow remote attackers to bypass authentication by leveraging an application that relies on the PHP crypt function to choose a salt for password hashing. |
| Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service (nova-network consumption) via a large number of server-creation operations, which triggers a large number of update requests. |
| The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication, which allows remote attackers to intercept or modify network traffic by leveraging certain Layer 2 or Layer 3 access, aka Bug ID CSCud14691. |
| The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source/SupplicantAgent.c in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses the same RSA private key in supplicant_key.pem on all systems, which allows local users to obtain sensitive information via unspecified decryption operations. |
| 389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute. |
| The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483. |
| Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression. |
| Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks. |
| FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, and before 4.0 on Android; FortiClient Lite before 4.3.4.461 on Windows; FortiClient Lite 2.0 through 2.0.0223 on Android; and FortiClient SSL VPN before 4.0.2258 on Linux proceed with an SSL session after determining that the server's X.509 certificate is invalid, which allows man-in-the-middle attackers to obtain sensitive information by leveraging a password transmission that occurs before the user warning about the certificate problem. |
| The createRandomPassword function in includes/functions_common.php in Virtual War (aka VWar) 1.6.1 R2 uses a small range of values to select the seed argument for the PHP mt_srand function, which makes it easier for remote attackers to determine randomly generated passwords via a brute-force attack. |
| The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys. |
| FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
| Layton Helpbox 4.4.0 allows remote attackers to discover cleartext credentials for the login page by sniffing the network. |
| The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability. |
| The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. |
| The Groupon Redemptions application for Android does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. |
| The WPA2 implementation on the Belkin N900 F9K1104v1 router establishes a WPS PIN based on 6 digits of the LAN/WLAN MAC address, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading broadcast packets, a different vulnerability than CVE-2012-4366. |
| The Belkin WeMo Home Automation firmware before 3949 does not use SSL for the distribution feed, which allows man-in-the-middle attackers to install arbitrary firmware by spoofing a distribution server. |
| The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements. |
| The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, uses world-readable permissions for vmcore files, which allows local users to obtain sensitive information by inspecting the file content, as demonstrated by a search for a root SSH key. |