Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digest vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2021-3345
_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.
Gnupg Libgcrypt 1.9.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
2 Github repositories
7.5
CVSSv2
CVE-2001-1376
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote malicious users to cause a denial of service and possibly execute arbitrary code via shared secret data.
Gnu Radius 0.95
Icradius Icradius 0.14
Livingston Radius 2.0
Livingston Radius 2.0.1
Livingston Radius 2.1
Miquel Van Smoorenburg Cistron Radius 1.6.4
Miquel Van Smoorenburg Cistron Radius 1.6.5
Radiusclient Radiusclient 0.3.1
Xtradius Xtradius 1.1 Pre1
Ascend Radius 1.16
Freeradius Freeradius 0.2
Icradius Icradius 0.15
Icradius Icradius 0.16
Lucent Radius 2.0
Lucent Radius 2.0.1
Miquel Van Smoorenburg Cistron Radius 1.6 .0
Openradius Openradius 0.8
Yard Radius Project Yard Radius 1.0.16
Yard Radius Yard Radius 1.0.17
Gnu Radius 0.93
Gnu Radius 0.94
Icradius Icradius 0.18
7.5
CVSSv2
CVE-2006-5639
Unspecified vulnerability in the random number generator in OpenWBEM (Web Based Enterprise Management) 3.2.0 allows malicious users to gain privileges via vectors related to "local or HTTP Digest authentication."
Openwbem Openwbem
Openwbem Openwbem 3.2
4
CVSSv2
CVE-2010-0550
admin.htm in Geo++ GNCASTER 1.4.0.7 and previous versions does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy.
Geopp Geo\\+\\+ Gncaster
Geopp Geo\\+\\+ Gncaster 1.4.0.0
NA
CVE-2018-16153
An issue exists in Apereo Opencast 4.x up to and including 10.x prior to 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations.
Apereo Opencast
7.5
CVSSv2
CVE-2007-2291
CRLF injection vulnerability in the Digest Authentication support for Microsoft Internet Explorer 7.0.5730.11 allows remote malicious users to conduct HTTP response splitting attacks via a LF (%0a) in the username attribute.
Microsoft Internet Explorer 7.0.5730.11
7.5
CVSSv2
CVE-2020-25844
The digest generation function of NHIServiSignAdapter has not been verified for parameter’s length, which leads to a stack overflow loophole. Remote attackers can use the leak to execute code without privilege.
Panorama Nhiservisignadapter 1.0.20.0218
5
CVSSv2
CVE-2006-2712
Secure Elements Class 5 AVR (aka C5 EVM) client and server prior to 2.8.1 do not verify the integrity of a message digest, which allows remote malicious users to modify and replay messages.
Secure Elements Class 5 Enterprise Vulnerability Management 2.8.0
7.5
CVSSv2
CVE-2021-31917
A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 up to and including 12.0.0). An attacker could bypass authentication on all REST endpoints when DIGEST is used as the authentication method. The highest threat from this vulnerability ...
Infinispan Infinispan-server-rest
Redhat Data Grid 8.0.0
Redhat Data Grid 8.0.1
Redhat Data Grid 8.1.0
Redhat Data Grid 8.1.1
5
CVSSv2
CVE-2008-7288
IBM Tivoli Directory Server (TDS) 5.2 prior to 5.2.0.5-TIV-ITDS-LA0007 on AIX allows remote malicious users to cause a denial of service (server destabilization) via an anonymous DIGEST-MD5 LDAP Bind operation.
Ibm Tivoli Directory Server 5.2.0
Ibm Tivoli Directory Server 5.2.0.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »