Total
2470 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1391 | 1 Research Triangle Software | 1 Cryptobuddy | 2017-07-28 | 7.5 HIGH | N/A |
| RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the passphrase and generates predictable keys, which makes it easier for attackers to guess the passphrase. | |||||
| CVE-2002-2303 | 1 3d3.com | 1 Shopfactory | 2017-07-28 | 7.8 HIGH | N/A |
| 3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data. | |||||
| CVE-2003-1390 | 1 Research Triangle Software | 1 Cryptobuddy | 2017-07-28 | 7.5 HIGH | N/A |
| RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byte passphrase in plaintext, which makes it easier for local users to guess the passphrase. | |||||
| CVE-2003-1389 | 1 Research Triangle Software | 1 Cryptobuddy | 2017-07-28 | 7.5 HIGH | N/A |
| RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks. | |||||
| CVE-2003-1344 | 1 Trend Micro | 1 Virus Control System | 2017-07-28 | 5.0 MEDIUM | N/A |
| Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. | |||||
| CVE-2004-2721 | 1 Heiko Stamer | 1 Openskat | 2017-07-28 | 4.3 MEDIUM | N/A |
| The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key and decrypt messages. | |||||
| CVE-2004-2703 | 1 Clearswift | 4 Mailsweeper Business Suite I, Mailsweeper Business Suite Ii, Mailsweeper For Smtp and 1 more | 2017-07-28 | 4.3 MEDIUM | N/A |
| Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to be marked as "Clean" instead of "Encrypted". | |||||
| CVE-2003-1483 | 1 Flashfxp | 1 Flashfxp | 2017-07-28 | 6.4 MEDIUM | N/A |
| FlashFXP 1.4 uses a weak encryption algorithm for user passwords, which allows attackers to decrypt the passwords and gain access. | |||||
| CVE-2003-1447 | 1 Ibm | 1 Websphere Application Server | 2017-07-28 | 1.9 LOW | N/A |
| IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML. | |||||
| CVE-2006-5982 | 1 Biba Software | 1 Seleniumserver Ftp Server | 2017-07-19 | 10.0 HIGH | N/A |
| SeleniumServer FTP Server 1.0, and possibly earlier, stores user passwords in plaintext in the Servers directory, which allows attackers to obtain passwords by reading the file. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | |||||
| CVE-2005-4066 | 1 Christian Ghisler | 1 Total Commander | 2017-07-19 | 4.9 MEDIUM | N/A |
| Total Commander 6.53 uses weak encryption to store FTP usernames and passwords in WCX_FTP.INI, which allows local users to decrypt the passwords and gain access to FTP servers, as possibly demonstrated by the W32.Gudeb worm. | |||||
| CVE-2016-10099 | 1 Borg Project | 1 Borg | 2017-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives. | |||||
| CVE-2016-7585 | 1 Apple | 1 Mac Os X | 2017-07-11 | 2.1 LOW | 6.8 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter. | |||||
| CVE-2014-5648 | 1 Jaumo | 1 Chat Flirt \& Dating Heart Jaumo | 2017-07-11 | 5.4 MEDIUM | N/A |
| The Chat, Flirt & Dating Heart JAUMO (aka com.jaumo) application 2.7.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5667 | 1 Nq | 1 Vault-hide Sms Pics \& Videos | 2017-07-11 | 5.4 MEDIUM | N/A |
| The Vault-Hide SMS, Pics & Videos (aka com.netqin.ps) application 5.0.14.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5579 | 1 Anywherepad | 1 Anywhere Pad-meet Collaborate | 2017-07-11 | 5.4 MEDIUM | N/A |
| The Anywhere Pad-Meet, Collaborate (aka com.azeus.anywherepad) application 4.0.1031 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5983 | 1 Threadflip | 1 Threadflip Buy Sell Fashion | 2017-07-11 | 5.4 MEDIUM | N/A |
| The Threadflip : Buy, Sell Fashion (aka com.threadflip.android) application 1.1.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5646 | 1 Iobit | 1 Amc Security Antivirus Clean | 2017-07-11 | 5.4 MEDIUM | N/A |
| The AMC Security- Antivirus, Clean (aka com.iobit.mobilecare) application 4.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5894 | 1 Pingshow | 1 Airetalk Text Call \& More\! | 2017-07-11 | 5.4 MEDIUM | N/A |
| The AireTalk: Text, Call, & More! (aka com.pingshow.amper) application 2.0.73 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2014-5640 | 1 Cmcm | 1 Cm Backup Restore Cloud Photo | 2017-07-11 | 5.4 MEDIUM | N/A |
| The CM Backup -Restore,Cloud,Photo (aka com.ijinshan.kbackup) application 1.1.0.135 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||