Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digest vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1721
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions prior to 2.1.21, allows remote unauthenticated malicious users to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation...
Cyrus Sasl 2.1.18 R1
Cyrus Sasl 2.1.18 R2
Cyrus Sasl 2.1.19
Cyrus Sasl 2.1.20
Cyrus Sasl 2.1.18
NA
CVE-2007-2292
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox prior to 2.0.0.8 and SeaMonkey prior to 1.1.5 allows remote malicious users to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
Mozilla Firefox
Mozilla Seamonkey
Microsoft Internet Explorer 7.0.5730.11
6.5
CVSSv3
CVE-2021-21474
SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and wi...
Sap Hana Database 2.00
Sap Hana Database 1.00
9.8
CVSSv3
CVE-2017-5689
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged netwo...
Intel Active Management Technology Firmware 6.1
Intel Active Management Technology Firmware 6.2
Intel Active Management Technology Firmware 10.0
Intel Active Management Technology Firmware 11.0
Intel Active Management Technology Firmware 6.0
Intel Active Management Technology Firmware 9.0
Intel Active Management Technology Firmware 9.1
Intel Active Management Technology Firmware 9.5
Intel Active Management Technology Firmware 7.0
Intel Active Management Technology Firmware 7.1
Intel Active Management Technology Firmware 11.5
Intel Active Management Technology Firmware 11.6
Intel Active Management Technology Firmware 8.0
Intel Active Management Technology Firmware 8.1
1 EDB exploit
2 Metasploit modules
1 Nmap script
36 Github repositories
3 Articles
NA
CVE-2013-5172
The kernel in Apple Mac OS X prior to 10.9 does not properly determine the output length for SHA-2 digest function calls, which allows context-dependent malicious users to cause a denial of service (panic) by triggering a digest operation, as demonstrated by an IPSec connection.
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.5
NA
CVE-2007-5468
Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote malicious users to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll...
Cisco Call Manager 5.1.1.3000
NA
CVE-2008-3746
neon 0.28.0 up to and including 0.28.2 allows remote servers to cause a denial of service (NULL pointer dereference and crash) via vectors related to Digest authentication, Digest domain parameter support, and the parse_domain function.
Webdav Neon 0.28.1
Webdav Neon 0.28.2
Webdav Neon 0.28.0
6.3
CVSSv3
CVE-2019-10706
Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary...
Westerndigital Sandisk X600 Sd9tb8w-128g Firmware
Westerndigital Sandisk X600 Sd9tb8w-256g Firmware
Westerndigital Sandisk X600 Sd9tb8w-512g Firmware
Westerndigital Sandisk X600 Sd9tb8w-1t00 Firmware
Westerndigital Sandisk X600 Sd9tb8w-2t00 Firmware
Westerndigital Sandisk X600 Sd9tn8w-128g Firmware
Westerndigital Sandisk X600 Sd9tn8w-256g Firmware
Westerndigital Sandisk X600 Sd9tn8w-512g Firmware
Westerndigital Sandisk X600 Sd9tn8w-1t00 Firmware
Westerndigital Sandisk X600 Sd9tn8w-2t00 Firmware
Westerndigital Sandisk X600 Sd9sb8w-128g Firmware
Westerndigital Sandisk X600 Sd9sb8w-256g Firmware
Westerndigital Sandisk X600 Sd9sb8w-512g Firmware
Westerndigital Sandisk X600 Sd9sb8w-1t00 Firmware
Westerndigital Sandisk X600 Sd9sb8w-2t00 Firmware
Westerndigital Sandisk X600 Sd9sn8w-128g Firmware
Westerndigital Sandisk X600 Sd9sn8w-256g Firmware
Westerndigital Sandisk X600 Sd9sn8w-512g Firmware
Westerndigital Sandisk X600 Sd9sn8w-1t00 Firmware
Westerndigital Sandisk X600 Sd9sn8w-2t00 Firmware
Westerndigital Sandisk X300s Sd7sb3q-064g Firmware -
Westerndigital Sandisk X300s Sd7sn3q-064g Firmware -
NA
CVE-2014-9749
Squid 3.4.4 up to and including 3.4.11 and 3.5.0.1 up to and including 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."
Squid-cache Squid 3.4.10
Squid-cache Squid 3.4.12
Squid-cache Squid 3.4.5
Squid-cache Squid 3.4.6
Squid-cache Squid 3.4.7
Squid-cache Squid 3.4.8
Squid-cache Squid 3.5.0.1
Squid-cache Squid 3.5.0.2
Squid-cache Squid 3.5.0.3
Squid-cache Squid 3.5.0.4
Squid-cache Squid 3.4.4
Squid-cache Squid 3.4.9
Squid-cache Squid 3.4.11
Squid-cache Squid 3.4.13
Squid-cache Squid 3.5.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
9.8
CVSSv3
CVE-2020-11945
An issue exists in Squid prior to 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »