Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Stormshield Management Center Security Vulnerabilities

cve
cve

CVE-2002-20001

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resour...

7.5CVSS

7.3AI Score

0.011EPSS

2021-11-11 07:15 PM
190
2
cve
cve

CVE-2022-32213

The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).

6.5CVSS

7.2AI Score

0.006EPSS

2022-07-14 03:15 PM
149
8
cve
cve

CVE-2022-32214

The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).

6.5CVSS

7AI Score

0.002EPSS

2022-07-14 03:15 PM
140
7
cve
cve

CVE-2022-32215

The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).

6.5CVSS

7.1AI Score

0.004EPSS

2022-07-14 03:15 PM
150
8
cve
cve

CVE-2023-0215

The public API function BIO_new_NDEF is a helper function used for streamingASN.1 data via a BIO. It is primarily used internally to OpenSSL to support theSMIME, CMS and PKCS7 streaming capabilities, but may also be called directly byend user applications. The function receives a BIO from the calle...

7.5CVSS

7.7AI Score

0.004EPSS

2023-02-08 08:15 PM
560
cve
cve

CVE-2023-0216

An invalid pointer dereference on read can be triggered when anapplication tries to load malformed PKCS7 data with thed2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which couldlead to a denial of service attack. The TLS implementation...

7.5CVSS

7.3AI Score

0.001EPSS

2023-02-08 08:15 PM
381
cve
cve

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processinginside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING butthe public structure definition for GENERAL_NAME incorrectly specified the typeof the x400Address field as ASN1_TYPE. This field is subsequently ...

7.4CVSS

7.5AI Score

0.003EPSS

2023-02-08 08:15 PM
677
cve
cve

CVE-2023-0401

A NULL pointer can be dereferenced when signatures are beingverified on PKCS7 signed or signedAndEnveloped data. In case the hashalgorithm used for the signature is known to the OpenSSL library butthe implementation of the hash algorithm is not available the digestinitialization will fail. There is...

7.5CVSS

7.4AI Score

0.004EPSS

2023-02-08 08:15 PM
375