Filtered by vendor Openwall
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-2483 | 3 Openwall, Php, Postgresql | 3 Crypt Blowfish, Php, Postgresql | 2024-04-23 | 5.0 MEDIUM | N/A |
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash. | |||||
CVE-2009-5082 | 2 Gnu, Openwall | 2 Groff, Owl | 2024-02-04 | 3.3 LOW | N/A |
The (1) configure and (2) config.guess scripts in GNU troff (aka groff) 1.20.1 on Openwall GNU/*/Linux (aka Owl) improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file. |