Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): SHA-2
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-24609 |
Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate. Published: December 21, 2023; 11:15:08 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-32229 |
Due to an error in the software interface to the secure element chip on Bosch IP cameras of family CPP13 and CPP14, the chip can be permanently damaged when enabling the Stream security option (signing of the video stream) with option MD5, SHA-1 or SHA-256. Published: June 15, 2023; 7:15:09 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-28376 |
Verizon 5G Home LVSKIHP outside devices through 2022-02-15 allow anyone (knowing the device's serial number) to access a CPE admin website, e.g., at the 10.0.0.1 IP address. The password (for the verizon username) is calculated by concatenating the serial number and the model (i.e., the LVSKIHP string), running the sha256sum program, and extracting the first seven characters concatenated with the last seven characters of that SHA-256 value. Published: April 03, 2022; 12:15:08 AM -0400 |
V3.1: 8.1 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-37551 |
In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256. Published: August 06, 2021; 10:15:08 AM -0400 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2020-14516 |
In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly. Published: March 18, 2021; 2:15:13 PM -0400 |
V3.1: 10.0 CRITICAL V2.0: 7.5 HIGH |
CVE-2020-4778 |
IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application. IBM X-Force ID: 189156. Published: October 12, 2020; 9:15:13 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2020-11876 |
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code Published: April 17, 2020; 12:15:13 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2015-8239 |
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed. Published: October 10, 2017; 12:29:00 PM -0400 |
V3.0: 7.0 HIGH V2.0: 6.9 MEDIUM |
CVE-2013-5172 |
The kernel in Apple Mac OS X before 10.9 does not properly determine the output length for SHA-2 digest function calls, which allows context-dependent attackers to cause a denial of service (panic) by triggering a digest operation, as demonstrated by an IPSec connection. Published: October 23, 2013; 11:48:49 PM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |