Vulnerabilities > Cryptographic Issues
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-09-21 | CVE-2007-5024 | Cryptographic Issues vulnerability in EMC VMWare Server 1.0.4/1.0.4Build56528 EMC VMware Server before 1.0.4 Build 56528 writes passwords in cleartext to unspecified log files, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2005-3620. | 2.1 |
| 2007-09-18 | CVE-2007-4960 | Cryptographic Issues vulnerability in Linden LAB Second Life 1 Argument injection vulnerability in the Linden Lab Second Life secondlife:// protocol handler, as used in Internet Explorer and possibly Firefox, allows remote attackers to obtain sensitive information via a '" ' (double-quote space) sequence followed by the -autologin and -loginuri arguments, which cause the handler to post login credentials and software installation details to an arbitrary URL. | 5.0 |
| 2007-09-18 | CVE-2007-4751 | Cryptographic Issues vulnerability in Data-Vision Remotedocs R-Viewer RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in unencrypted temporary files, which allows local users to obtain sensitive information by reading the temporary files. | 1.9 |
| 2007-09-18 | CVE-2007-4750 | Cryptographic Issues vulnerability in Data-Vision Remotedocs R-Viewer Unspecified vulnerability in RemoteDocs R-Viewer before 1.6.3768 allows user-assisted remote attackers to execute arbitrary code via a crafted RDZ archive in which the first file has an executable extension. | 9.3 |
| 2007-09-18 | CVE-2007-4928 | Cryptographic Issues vulnerability in Axis 207W Network Camera The AXIS 207W camera stores a WEP or WPA key in cleartext in the configuration file, which might allow local users to obtain sensitive information. | 4.9 |
| 2007-09-18 | CVE-2007-4926 | Cryptographic Issues vulnerability in Axis 207W Camera The AXIS 207W camera uses a base64-encoded cleartext username and password for authentication, which allows remote attackers to obtain sensitive information by sniffing the wireless network or by leveraging unspecified other vectors. | 9.3 |
| 2007-08-31 | CVE-2007-4613 | Cryptographic Issues vulnerability in BEA Weblogic Server SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote attackers to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an error response, a different vulnerability than CVE-2006-2461. | 6.8 |
| 2007-07-16 | CVE-2007-3805 | Cryptographic Issues vulnerability in Clavister Coreplus 8.81.00 The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service (gateway stop) via certain certificates. | 5.4 |
| 2007-01-17 | CVE-2007-0014 | Cryptographic Issues vulnerability in SUN Chainkey Java Code Protection ChainKey Java Code Protection allows attackers to decompile Java class files via a Java class loader with a modified defineClass method that saves the bytecode to a file before it is passed to the JVM. | 4.4 |
| 2006-12-21 | CVE-2006-6674 | Cryptographic Issues vulnerability in Ozeki Http-Sms Gateway Ozeki HTTP-SMS Gateway 1.0, and possibly earlier, stores usernames and passwords in plaintext in the HKLM\Software\Ozeki\SMSServer\CurrentVersion\Plugins\httpsmsgate registry key, which allows local users to obtain sensitive information. | 2.1 |