Lucene search
K

15 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.3 views

SUSE CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

7.5CVSS7.4AI score0.19295EPSS
Exploits0References39
RedhatCVE
RedhatCVE
added 2019/10/08 11:45 a.m.61 views

CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS4.4AI score0.19295EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/07/09 1:55 p.m.3 views

openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.8AI score0.19295EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.42 views

SUSE SLES15 Security Update : ovmf (SUSE-SU-2018:2072-1)

This update for ovmf fixes the following issues: Security issues fixed : - CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth bsc1094289. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE securi...

6.5CVSS6.8AI score0.19295EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2018/12/31 12:0 a.m.47 views

AnimaxTechnology.in India Web Design 1.0 SQL Injection

Exploit Title : AnimaxTechnology.in India Web Design 1.0 SQL Injection Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepage : animaxtechnology.in Tested On : Windows and Linux Exploit Risk : Medium Version Information : Apache 2.4.33 - OpenSSL 1.0.2o CWE : CWE-89 Improper...

0.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2018/10/30 11:11 a.m.4 views

openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.8AI score0.19295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/10/30 9:51 a.m.7 views

openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.8AI score0.19295EPSS
Exploits0References5
CNVD
CNVD
added 2018/06/14 12:0 a.m.1 views

OpenSSL Denial of Service Vulnerability (CNVD-2018-12153)

OpenSSL is an open source capable of implementing the Secure Sockets Layer SSL v2/v3 and Secure Transport Layer TLS v1 protocols developed by the OpenSSL team as a general-purpose cryptographic library that supports a wide range of cryptographic algorithms including symmetric ciphers, hash...

7.5CVSS6.3AI score0.49268EPSS
Exploits0References1
NVD
NVD
added 2018/04/16 6:29 p.m.17 views

CVE-2018-0737

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev Affected 1.1.0-1.1.0h...

5.9CVSS6.4AI score0.12046EPSS
Exploits0References34
Debian CVE
Debian CVE
added 2018/04/16 5:0 p.m.42 views

CVE-2018-0737

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev Affected 1.1.0-1.1.0h...

5.9CVSS6.4AI score0.12046EPSS
Exploits0
NVD
NVD
added 2018/03/27 9:29 p.m.26 views

CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6AI score0.19295EPSS
Exploits0References34
Prion
Prion
added 2018/03/27 9:29 p.m.33 views

Design/Logic Flaw

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

4.3CVSS6.4AI score0.19295EPSS
Exploits0References34Affected Software3
OSV
OSV
added 2018/03/27 9:29 p.m.3 views

ALPINE-CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.8AI score0.19295EPSS
Exploits0References1
OSV
OSV
added 2018/03/27 9:29 p.m.2 views

DEBIAN-CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS9.3AI score0.19295EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2018/03/27 9:0 p.m.45 views

CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS7.3AI score0.19295EPSS
Exploits0
Rows per page
Query Builder