Lucene search

Lasso Security Vulnerabilities

cve

CVE-2021-28091

Lasso all versions prior to 2.7.0 has improper verification of a cryptographic...

7.5CVSS

7.2AI Score

0.004EPSS

2021-06-04 03:15 PM

162

cve

CVE-2015-1783

The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified...

7.5CVSS

7.2AI Score

0.008EPSS

2017-08-11 09:29 PM

cve

CVE-2009-0050

Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to...

7.1AI Score

0.007EPSS

2009-01-07 06:30 PM

cve

CVE-2005-2605

Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to [Auth]...

7AI Score

0.002EPSS

2005-08-17 04:00 AM

cve

CVE-2002-2118

Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows remote attackers to cause a denial of service via a long...

7.2AI Score

0.012EPSS

2005-08-05 04:00 AM