Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digest vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-37847
crypto/digest.c in Pengutronix barebox up to and including 2021.07.0 leaks timing information because memcmp is used during digest verification.
Pengutronix Barebox
5
CVSSv2
CVE-2007-5469
OpenSER 1.2.2 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote malicious users to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authen...
Openser Openser 1.2.2
7.5
CVSSv2
CVE-2020-4068
In APNSwift 1.0.0, calling APNSwiftSigner.sign(digest:) is likely to result in a heap buffer overflow. This has been fixed in 1.0.1.
Apnswift Project Apnswift 1.0.0
4
CVSSv2
CVE-2009-5004
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use .
Apache Qpid-cpp 1.0
7.5
CVSSv2
CVE-2018-10243
htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote malicious users to cause a heap-based buffer over-read via an authorization digest header.
Oisf Libhtp 0.5.26
7.2
CVSSv2
CVE-1999-1487
Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.
Ibm Aix 4.1.1
Ibm Aix 4.1.2
Ibm Aix 4.1.3
Ibm Aix 4.1.4
Ibm Aix 4.2
Ibm Aix 4.3
Ibm Aix 4.1
Ibm Aix 4.1.5
Ibm Aix 4.2.1
10
CVSSv2
CVE-2020-36177
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL prior to 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.
Wolfssl Wolfssl
7.5
CVSSv2
CVE-2019-25002
An issue exists in the sodiumoxide crate prior to 0.2.5 for Rust. generichash::Digest::eq compares itself to itself and thus has degenerate security properties.
Sodiumoxide Project Sodiumoxide
NA
CVE-2023-0401
A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initializat...
Openssl Openssl
Stormshield Stormshield Management Center
7.5
CVSSv2
CVE-2022-24754
PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type `PJ...
Teluu Pjsip
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »