Vulnerabilities > Cryptographic Issues

| Date | CVE | Vulnerability title | Description | Tags | Risk |
|---|---|---|---|---|---|
| 2008-04-09 | CVE-2008-1711 | Cryptographic Issues vulnerability in Terong Advanced Web Photo Gallery 1.0 | Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information. | network, low complexity, terong, CWE-310 | 5.0 |
| 2008-03-26 | CVE-2008-1527 | Cryptographic Issues vulnerability in ZyXEL Prestige 660, Prestige 661 and ZyNOS | ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), support authentication over HTTP via a hash string in the hiddenPassword field, which allows remote attackers to obtain access via a replay attack. | network, low complexity, zyxel, CWE-310 | 7.5 |
| 2008-03-20 | CVE-2008-1431 | Cryptographic Issues vulnerability in RaidSonic Technology Firmware 2.6.0N | RaidSonic NAS-4220-B with 2.6.0-n(2007-10-11) firmware stores a partition encryption key in an unencrypted /system/.crypt file with base64 encoding, which allows local users to obtain the key. | local, low complexity, raidsonic-technology, CWE-310 | 2.1 |
| 2008-03-18 | CVE-2008-1383 | Cryptographic Issues vulnerability in Gentoo Linux | The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate. | local, gentoo, CWE-310 | 1.9 |
| 2008-03-10 | CVE-2008-1263 | Cryptographic Issues vulnerability in Linksys WRT54G | The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI. | network, low complexity, linksys, CWE-310 | 4.0 |
| 2008-02-13 | CVE-2008-0759 | Cryptographic Issues vulnerability in Group Logic ExtremeZ-IP File Server and ExtremeZ-IP Print Server | ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier allows remote attackers to cause a denial of service (daemon crash) via an invalid UAM field in a request to the Apple Filing Protocol (AFP) service on TCP port 548. | network, low complexity, group-logic, CWE-310 | 5.0 |
| 2008-01-04 | CVE-2007-6635 | Cryptographic Issues vulnerability in Netbizcity FAQMasterFlexPlus | FAQMasterFlexPlus, possibly 1.5 or 1.52, stores the admin password in cleartext in a database, which might allow context-dependent attackers to obtain the password via unspecified database access. | network, low complexity, netbizcity, CWE-310 | 6.4 |
| 2007-12-24 | CVE-2007-6521 | Cryptographic Issues vulnerability in Opera Browser | Unspecified vulnerability in Opera before 9.25 allows remote attackers to execute arbitrary code via crafted TLS certificates. | network, low complexity, opera, CWE-310 | critical 10.0 |
| 2007-12-19 | CVE-2007-5863 | Cryptographic Issues vulnerability in Apple Mac OS X and Mac OS X Server | Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option. | network, apple, CWE-310 | critical 9.3 |
| 2007-12-01 | CVE-2007-5502 | Cryptographic Issues vulnerability in OpenSSL FIPS Object Module 1.1.1 | The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness. | network, low complexity, openssl, CWE-310 | 6.4 |