CWE-361
5 CVEs classified under CWE-361. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-7547 | Critical | 9.8 | 2017-04-12 | A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in the admin_sys_time.cgi interface. |
CVE-2016-7036 | Critical | 9.8 | 2017-01-23 | python-jose before 1.3.2 allows attackers to have unspecified impact by leveraging failure to use a constant time comparison for HMAC keys. |
CVE-2016-1643 | High | 8.8 | 2016-03-13 | The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, d… |
CVE-2015-5300 | High | 7.5 | 2017-07-21 | The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, whi… |
CVE-2016-7037 | High | 7.5 | 2017-01-23 | The verify function in Encryption/Symmetric.php in Malcolm Fell jwt before 1.0.3 does not use a timing-safe function for hash comparison, which allows attacker… |