Fallos del tipo CWE-310

78 resultados

CVE-2019-3740MEDIUMRSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA kEPSS 3.8%CVE-2019-1804CRITICALCisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key VulnerabilityEPSS 3.4%CVE-2017-3204—The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in EPSS 3.2%CVE-2021-22947MEDIUMWhen curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server EPSS 2.8%CVE-2019-9506HIGHBlutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiationEPSS 2.7%CVE-2019-3739MEDIUMRSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA keEPSS 2.5%CVE-2023-23919HIGHA cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL erroEPSS 2.2%CVE-2018-5464—Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an untrusted SSL certificate vulnerability this could allow an attacker toEPSS 2.0%CVE-2018-5466—Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a self-signed SSL certificate vulnerability this could allow an attacker tEPSS 2.0%CVE-2018-5462—Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an atEPSS 2.0%CVE-2019-6576MEDIUMA vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor PaneEPSS 1.7%CVE-2022-32222—A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf tEPSS 1.7%CVE-2018-0281—A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an insEPSS 1.5%CVE-2018-0283—A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an insEPSS 1.5%CVE-2019-3731MEDIUMRSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information EPSS 1.4%CVE-2024-20690MEDIUMWindows Nearby Sharing Spoofing VulnerabilityEPSS 1.3%CVE-2018-5458—Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL legacy encryption that could allow an attacker tEPSS 1.3%CVE-2017-6766—A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, EPSS 1.2%CVE-2014-5413—Schneider Electric SCADA Expert ClearSCADA Cryptographic IssuesEPSS 1.0%CVE-2019-1940MEDIUMCisco Industrial Network Director Web Services Management Agent Unauthorized Information Disclosure VulnerabilityEPSS 1.0%

← anteriorpágina 1 / 4siguiente →