• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-319

CVE-2019-14664

February 26, 2023 by

In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, he unknowingly leaks the plaintext of the encrypted message part(s) back to the attacker. This attack variant bypasses protection mechanisms implemented after the “EFAIL” attacks.

CVE-2019-14319

February 26, 2023 by

The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes. This allows an attacker to extract private sensitive information by sniffing network traffic.

CVE-2019-13498

February 26, 2023 by

One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM) attacks. This issue is fixed in version 8.1.4.

CVE-2019-13394

February 26, 2023 by

The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP.

CVE-2019-12967

February 26, 2023 by

Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier versions) has Incorrect Access Control.

CVE-2019-12813

February 26, 2023 by

An issue was discovered in Digital Persona U.are.U 4500 Fingerprint Reader v24. The key and salt used for obfuscating the fingerprint image exhibit cleartext when the fingerprint scanner device transfers a fingerprint image to the driver. An attacker who sniffs an encrypted fingerprint image can easily decrypt that image using the key and salt.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 38
  • Go to page 39
  • Go to page 40
  • Go to page 41
  • Go to page 42
  • Interim pages omitted …
  • Go to page 69
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE