Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digest vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-11945
An issue exists in Squid prior to 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
7
CVSSv3
CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.
Sudo Project Sudo 1.8.15
Sudo Project Sudo 1.8.14
Sudo Project Sudo 1.8.13
Sudo Project Sudo 1.8.12
Sudo Project Sudo 1.8.10
Sudo Project Sudo 1.8.9
Sudo Project Sudo 1.8.11
Sudo Project Sudo 1.8.8
1 Github repository
7.5
CVSSv3
CVE-2021-37847
crypto/digest.c in Pengutronix barebox up to and including 2021.07.0 leaks timing information because memcmp is used during digest verification.
Pengutronix Barebox
NA
CVE-2007-5469
OpenSER 1.2.2 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote malicious users to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authen...
Openser Openser 1.2.2
NA
CVE-2024-4772
An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126.
9.8
CVSSv3
CVE-2020-4068
In APNSwift 1.0.0, calling APNSwiftSigner.sign(digest:) is likely to result in a heap buffer overflow. This has been fixed in 1.0.1.
Apnswift Project Apnswift 1.0.0
9.8
CVSSv3
CVE-2018-10243
htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote malicious users to cause a heap-based buffer over-read via an authorization digest header.
Oisf Libhtp 0.5.26
6.5
CVSSv3
CVE-2009-5004
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use .
Apache Qpid-cpp 1.0
NA
CVE-1999-1487
Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.
Ibm Aix 4.1.1
Ibm Aix 4.1.2
Ibm Aix 4.1.3
Ibm Aix 4.1.4
Ibm Aix 4.2
Ibm Aix 4.3
Ibm Aix 4.1
Ibm Aix 4.1.5
Ibm Aix 4.2.1
9.8
CVSSv3
CVE-2020-36177
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL prior to 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.
Wolfssl Wolfssl
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »