Lucene search
K

39 matches found

Tenable Nessus
Tenable Nessus
added 2019/08/14 12:0 a.m.49 views

RHEL 6 : openssl (RHSA-2019:2471)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2471 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

5.9CVSS6.5AI score0.17139EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2019/08/13 12:0 a.m.89 views

openssl security and bug fix update

1.0.2k-19.0.1 - Bump release for rebuild. 1.0.2k-19 - close the RSA decryption 9 lives of Bleichenbacher cat timing side channel 1649568 1.0.2k-18 - fix CVE-2018-0734 - DSA signature local timing side channel - fix CVE-2019-1559 - 0-byte record padding oracle - close the RSA decryption One & done...

5.9CVSS1.5AI score0.17139EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.143 views

RHEL 7 : openssl (RHSA-2019:2304)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2304 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

5.9CVSS6.7AI score0.17139EPSS
Exploits0References9
OPENSUSE Linux
OPENSUSE Linux
added 2019/06/27 12:0 a.m.579 views

Security update for compat-openssl098 (moderate)

openSUSE Security Update: Security update for compat-openssl098 Announcement ID: openSUSE-SU-2019:1637-1 Rating: moderate References: 1117951 1127080 1131291 Cross-References: CVE-2019-1559 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has two fixes is now...

5.9CVSS6.7AI score0.17139EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/05/29 12:0 a.m.35 views

SUSE SLES12 Security Update : openssl (SUSE-SU-2019:1362-1)

This update for openssl fixes the following issues : Security issue fixed : CVE-2019-1559: Fixed a 0-byte record padding oracle via SSLshutdown bsc1127080. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

5.9CVSS6.3AI score0.17139EPSS
Exploits0References4
OSV
OSV
added 2019/05/28 8:50 a.m.4 views

SUSE-SU-2019:1362-1 Security update for openssl

This update for openssl fixes the following issues: Security issue fixed: - CVE-2019-1559: Fixed a 0-byte record padding oracle via SSLshutdown bsc1127080...

5.9CVSS5.5AI score0.17139EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2019/05/21 12:0 a.m.210 views

Security update for openssl-1_0_0 (moderate)

openSUSE Security Update: Security update for openssl-100 Announcement ID: openSUSE-SU-2019:1432-1 Rating: moderate References: 1117951 1127080 Cross-References: CVE-2019-1559 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available...

5.9CVSS6.4AI score0.17139EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/08 7:20 p.m.47 views

Security Bulletin: IBM DataPower Gateway is affected by a padding oracle vulnerability (CVE-2019-1559)

Summary IBM DataPower Gateway has addressed the following vulnerability: CVE-2019-1559 Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts...

5.9CVSS1AI score0.17139EPSS
Exploits0Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2019/04/08 12:0 a.m.102 views

Security update for openssl (moderate)

openSUSE Security Update: Security update for openssl Announcement ID: openSUSE-SU-2019:1175-1 Rating: moderate References: 1100078 1113975 1117951 1127080 Cross-References: CVE-2019-1559 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has three fixes is now...

5.9CVSS6.7AI score0.17139EPSS
Exploits0References4
OSV
OSV
added 2019/04/02 10:59 a.m.9 views

OPENSUSE-SU-2019:1105-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: Security issues fixed: - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations bsc1117951 - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond...

5.9CVSS5.9AI score0.17139EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/04/01 12:0 a.m.35 views

SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2019:0803-1)

This update for openssl fixes the following issues : Security issues fixed : The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations bsc1117951 CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond...

5.9CVSS6.3AI score0.17139EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/03/13 12:0 a.m.39 views

SUSE SLED15 / SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2019:0600-1)

This update for openssl-100 fixes the following issues : Security issues fixed : The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations bsc1117951 CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond...

5.9CVSS6.3AI score0.17139EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/03/11 12:0 a.m.60 views

SUSE SLED12 / SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2019:0572-1)

This update for openssl-100 fixes the following issues : Security issues fixed : The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations bsc1117951 CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond...

5.9CVSS6.3AI score0.17139EPSS
Exploits0References5
Cvelist
Cvelist
added 2019/02/27 11:0 p.m.35 views

CVE-2019-1559 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

6.2AI score0.17139EPSS
Exploits0References36
Tenable Nessus
Tenable Nessus
added 2019/02/21 12:0 a.m.79 views

FreeBSD : OpenSSL -- Padding oracle vulnerability (7700061f-34f7-11e9-b95c-b499baebfeaf)

The OpenSSL project reports : 0-byte record padding oracle CVE-2019-1559 Moderate If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte...

5.9CVSS6.3AI score0.17139EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2019/01/02 12:0 a.m.21 views

uriparser -- Out-of-bounds read

Upstream project reports: Out-of-bounds read in uriParseEx for incomplete URIs with IPv6 addresses with embedded IPv4 address, e.g. "//::44.1"; mitigated if passed parameter afterLast points to readable memory containing a '\0' byte...

2.6AI score
Exploits0References1
Prion
Prion
added 2017/01/27 5:59 p.m.29 views

Null pointer dereference

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service NULL pointer dereference and crash by setting the tags TIFFSETGETC16ASCII or TIFFSETGETC32ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix f...

5CVSS7.5AI score0.06471EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2017/01/27 5:59 p.m.37 views

CVE-2016-9448

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service NULL pointer dereference and crash by setting the tags TIFFSETGETC16ASCII or TIFFSETGETC32ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix f...

7.5CVSS6.7AI score
Exploits0References6
RedhatCVE
RedhatCVE
added 2016/11/23 5:19 p.m.48 views

CVE-2016-9448

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service NULL pointer dereference and crash by setting the tags TIFFSETGETC16ASCII or TIFFSETGETC32ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix f...

7.5CVSS5.3AI score0.06471EPSS
Exploits0References1
Rows per page
Query Builder