Total
84 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-18021 | 1 Qtpass | 1 Qtpass | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI. | |||||
CVE-2017-17845 | 2 Debian, Enigmail | 2 Debian Linux, Enigmail | 2023-12-10 | 7.5 HIGH | 7.3 HIGH |
An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs because Math.Random() is used by pretty Easy privacy (pEp), aka TBE-01-001. | |||||
CVE-2017-5493 | 1 Wordpress | 1 Wordpress | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup. | |||||
CVE-2017-8081 | 1 Cagintranetworks | 1 Getsimple Cms | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a session cookie or CSRF nonce. |