Lucene search
K

154 matches found

Symantec
Symantec
added 2017/03/14 12:0 a.m.26 views

Microsoft Windows Hyper-V CVE-2017-0076 Remote Denial of Service Vulnerability

Description Microsoft Windows is prone to a remote denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 for...

2.9CVSS5.7AI score0.01594EPSS
Exploits0Affected Software3
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.40 views

SUSE SLES10 Security Update : OpenSSL (SUSE-SU-2014:0539-1)

OpenSSL has been updated to fix an attack on ECDSA Nonces. Using the FLUSH+RELOAD Cache Side-channel Attack the Nonces could be recovered. CVE-2014-0076 The update also enables use of SHA-2 family certificate verification of X.509 certificates used in todays SSL certificate infrastructure. Note...

1.9CVSS7AI score0.00942EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.41 views

SUSE SLES10 Security Update : OpenSSL (SUSE-SU-2014:0538-1)

OpenSSL has been updated to fix an attack on ECDSA Nonces. Using the FLUSH+RELOAD Cache Side-channel Attack the Nonces could have been recovered. CVE-2014-0076 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

1.9CVSS7AI score0.00942EPSS
Exploits1References5
CVE
CVE
added 2015/03/11 10:0 a.m.82 views

CVE-2015-0076

CVE-2015-0076 affects the Microsoft Windows Photo Decoder component across Windows Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Server 2012 (Gold/R2) and Windows RT/8.1. The vulnerability stems from not properly initializing memory when rendering JPEG XR (.JXR) images, allowin...

4.3CVSS5.8AI score0.15351EPSS
Exploits0References3Affected Software8
Check Point Advisories
Check Point Advisories
added 2015/03/10 12:0 a.m.4 views

Microsoft JPEG XR Parser Information Disclosure (MS15-029; CVE-2015-0076)

An information disclosure vulnerability has been reported in Microsoft JPEG XR Parser. The vulnerability is triggered when Windows fails to properly handle uninitialized memory when parsing certain, specially crafted JPEG XR image format files. A remote attacker can exploit this issue by enticing...

4.3CVSS5.7AI score0.15351EPSS
Exploits0
Symantec
Symantec
added 2015/03/10 12:0 a.m.32 views

Microsoft Windows Graphics Component CVE-2015-0076 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0.1...

4.3CVSS7.4AI score0.15351EPSS
Exploits0Affected Software11
Check Point Advisories
Check Point Advisories
added 2014/12/28 12:0 a.m.22 views

Internet Explorer CSS Memory Corruption (MS09-002) - Ver2 (CVE-2009-0076)

Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in the way Microsoft Internet Explorer handles Cascading Style Sheets CSS. A remote attacker could exploit this issue by convincing a user to visit a specially crafted HTM...

9.3CVSS6.8AI score0.33537EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/08/14 12:0 a.m.899 views

OpenSSL 'ChangeCipherSpec' MiTM Vulnerability

The OpenSSL service on the remote host is vulnerable to a man-in-the-middle MiTM attack, based on its acceptance of a specially crafted handshake. This flaw could allow a MiTM attacker to decrypt or forge SSL messages by telling the service to begin encrypted communications before key material ha...

7.4CVSS7.5AI score0.99977EPSS
Exploits14References10
Tenable Nessus
Tenable Nessus
added 2014/08/12 12:0 a.m.437 views

HP Version Control Agent (VCA) < 7.3.3 Multiple SSL Vulnerabilities

The RPM installation of HP Version Control Agent VCA on the remote Linux host is a version prior to 7.3.3. It is, therefore, affected by multiple vulnerabilities in the bundled version of SSL : - An error exists in the 'ssl3readbytes' function that permits data to be injected into other sessions ...

7.4CVSS8.1AI score0.99977EPSS
Exploits14References9
Tenable Nessus
Tenable Nessus
added 2014/06/19 12:0 a.m.351 views

McAfee Web Gateway Multiple OpenSSL Vulnerabilities (SB10075)

The remote host is running a version of McAfee Web Gateway MWG that is affected by multiple vulnerabilities due to flaws in the OpenSSL library : - An error exists in the function 'ssl3readbytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note thi...

7.4CVSS8.1AI score0.99977EPSS
Exploits14References15
Tenable Nessus
Tenable Nessus
added 2014/06/19 12:0 a.m.51 views

McAfee ePolicy Orchestrator Multiple OpenSSL Vulnerabilities (SB10075)

The remote host is running a version of McAfee ePolicy Orchestrator that is affected by multiple vulnerabilities due to flaws in the OpenSSL library : - An error exists in the function 'ssl3readbytes' that could allow data to be injected into other sessions or allow denial of service attacks. Not...

7.4CVSS8.1AI score0.99977EPSS
Exploits14References16
Tenable Nessus
Tenable Nessus
added 2014/06/18 12:0 a.m.89 views

Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSL

The remote Cisco ONS device is running a software version known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOAD' cache...

4.3CVSS7.7AI score0.85784EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2014/06/18 12:0 a.m.79 views

Cisco TelePresence MCU Series Devices Multiple Vulnerabilities in OpenSSL

The remote Cisco TelePresence MCU device is running a software version known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOAD...

7.4CVSS7.5AI score0.95326EPSS
Exploits10References5
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.26 views

openSUSE Security Update : MozillaFirefox (MozillaFirefox-4459)

Mozilla Firefox was updated to the 3.6.17 security release. MFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances,...

10CVSS8.4AI score0.73655EPSS
Exploits20References17
Tenable Nessus
Tenable Nessus
added 2014/06/05 12:0 a.m.1258 views

OpenSSL 'ChangeCipherSpec' MiTM Potential Vulnerability

The OpenSSL service on the remote host is potentially vulnerable to a man-in-the-middle MiTM attack, based on its response to two consecutive 'ChangeCipherSpec' messages during the incorrect phase of an SSL/TLS handshake. This flaw could allow a MiTM attacker to decrypt or forge SSL messages by...

7.4CVSS8.3AI score0.99977EPSS
Exploits14References10
Tenable Nessus
Tenable Nessus
added 2014/06/03 12:0 a.m.66 views

IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities

The remote Windows host has a version of IBM Global Security Kit prior to 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce...

7.1CVSS7AI score0.03077EPSS
Exploits1References27
Tenable Nessus
Tenable Nessus
added 2014/05/06 12:0 a.m.85 views

VMware Horizon Workspace 1.8 < 1.8.1 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)

The version of VMware Horizon Workspace installed on the remote host is version 1.8.x prior to 1.8.1. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm...

7.5CVSS7.8AI score0.99999EPSS
Exploits89References9
Tenable Nessus
Tenable Nessus
added 2014/04/21 12:0 a.m.191 views

VMware Workstation 10.x < 10.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Linux) (Heartbleed)

The installed version of VMware Workstation 10.x is prior to 10.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce...

7.5CVSS7AI score0.99999EPSS
Exploits89References8
Tenable Nessus
Tenable Nessus
added 2014/04/21 12:0 a.m.53 views

VMware Player 6.x < 6.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)

The installed version of VMware Player 6.x running on Windows is earlier than 6.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could...

7.5CVSS7.8AI score0.99999EPSS
Exploits89References8
Tenable Nessus
Tenable Nessus
added 2014/04/21 12:0 a.m.46 views

VMware Player 6.x < 6.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Linux) (Heartbleed)

The installed version of VMware Player 6.x running on Linux is prior to 6.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow...

7.5CVSS7.8AI score0.99999EPSS
Exploits89References8
Rows per page
Query Builder