Vulmon
digest vulnerabilities and exploits
4.3
CVSSv2
CVE-2007-2292
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox prior to 2.0.0.8 and SeaMonkey prior to 1.1.5 allows remote malicious users to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
Mozilla Firefox
Mozilla Seamonkey
Microsoft Internet Explorer 7.0.5730.11
5.5
CVSSv2
CVE-2021-21474
SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and wi...
Sap Hana Database 2.00
Sap Hana Database 1.00
10
CVSSv2
CVE-2017-5689
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged netwo...
Intel Active Management Technology Firmware 6.1
Intel Active Management Technology Firmware 6.2
Intel Active Management Technology Firmware 10.0
Intel Active Management Technology Firmware 11.0
Intel Active Management Technology Firmware 6.0
Intel Active Management Technology Firmware 9.0
Intel Active Management Technology Firmware 9.1
Intel Active Management Technology Firmware 9.5
Intel Active Management Technology Firmware 7.0
Intel Active Management Technology Firmware 7.1
Intel Active Management Technology Firmware 11.5
Intel Active Management Technology Firmware 11.6
Intel Active Management Technology Firmware 8.0
Intel Active Management Technology Firmware 8.1
1 EDB exploit
2 Metasploit modules
1 Nmap script
35 Github repositories
3 Articles
5
CVSSv2
CVE-2007-5468
Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote malicious users to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll...
Cisco Call Manager 5.1.1.3000
7.1
CVSSv2
CVE-2013-5172
The kernel in Apple Mac OS X prior to 10.9 does not properly determine the output length for SHA-2 digest function calls, which allows context-dependent malicious users to cause a denial of service (panic) by triggering a digest operation, as demonstrated by an IPSec connection.
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.5
4.3
CVSSv2
CVE-2008-3746
neon 0.28.0 up to and including 0.28.2 allows remote servers to cause a denial of service (NULL pointer dereference and crash) via vectors related to Digest authentication, Digest domain parameter support, and the parse_domain function.
Webdav Neon 0.28.1
Webdav Neon 0.28.2
Webdav Neon 0.28.0
6.3
CVSSv2
CVE-2019-10706
Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary...
Westerndigital Sandisk X600 Sd9tb8w-128g Firmware
Westerndigital Sandisk X600 Sd9tb8w-256g Firmware
Westerndigital Sandisk X600 Sd9tb8w-512g Firmware
Westerndigital Sandisk X600 Sd9tb8w-1t00 Firmware
Westerndigital Sandisk X600 Sd9tb8w-2t00 Firmware
Westerndigital Sandisk X600 Sd9tn8w-128g Firmware
Westerndigital Sandisk X600 Sd9tn8w-256g Firmware
Westerndigital Sandisk X600 Sd9tn8w-512g Firmware
Westerndigital Sandisk X600 Sd9tn8w-1t00 Firmware
Westerndigital Sandisk X600 Sd9tn8w-2t00 Firmware
Westerndigital Sandisk X600 Sd9sb8w-128g Firmware
Westerndigital Sandisk X600 Sd9sb8w-256g Firmware
Westerndigital Sandisk X600 Sd9sb8w-512g Firmware
Westerndigital Sandisk X600 Sd9sb8w-1t00 Firmware
Westerndigital Sandisk X600 Sd9sb8w-2t00 Firmware
Westerndigital Sandisk X600 Sd9sn8w-128g Firmware
Westerndigital Sandisk X600 Sd9sn8w-256g Firmware
Westerndigital Sandisk X600 Sd9sn8w-512g Firmware
Westerndigital Sandisk X600 Sd9sn8w-1t00 Firmware
Westerndigital Sandisk X600 Sd9sn8w-2t00 Firmware
Westerndigital Sandisk X300s Sd7sb3q-064g Firmware -
Westerndigital Sandisk X300s Sd7sn3q-064g Firmware -
4
CVSSv2
CVE-2014-9749
Squid 3.4.4 up to and including 3.4.11 and 3.5.0.1 up to and including 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."
Squid-cache Squid 3.4.10
Squid-cache Squid 3.4.12
Squid-cache Squid 3.4.5
Squid-cache Squid 3.4.6
Squid-cache Squid 3.4.7
Squid-cache Squid 3.4.8
Squid-cache Squid 3.5.0.1
Squid-cache Squid 3.5.0.2
Squid-cache Squid 3.5.0.3
Squid-cache Squid 3.5.0.4
Squid-cache Squid 3.4.4
Squid-cache Squid 3.4.9
Squid-cache Squid 3.4.11
Squid-cache Squid 3.4.13
Squid-cache Squid 3.5.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2023-46847
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
Squid-cache Squid
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Eus 9.0
Redhat Enterprise Linux Server Tus 8.8
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Power Little Endian 8.0 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems 8.0 S390x
Redhat Enterprise Linux For Arm 64 8.0 Aarch64
Redhat Enterprise Linux Server Tus 9.2
6.9
CVSSv2
CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.
Sudo Project Sudo 1.8.15
Sudo Project Sudo 1.8.14
Sudo Project Sudo 1.8.13
Sudo Project Sudo 1.8.12
Sudo Project Sudo 1.8.10
Sudo Project Sudo 1.8.9
Sudo Project Sudo 1.8.11
Sudo Project Sudo 1.8.8
1 Github repository