11 matches found

Tenable Nessus
added 2021/02/22 12:0 a.m. | 153 views

EulerOS 2.0 SP2 : openssl110f (EulerOS-SA-2021-1339)

According to the version of the openssl110f packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName...

5.9 CVSS | 7 AI score | 0.06968 EPSS
Exploits 3 | References 2

OpenVAS
added 2021/02/17 12:0 a.m. | 19 views

OpenSSL: Incorrect SSLv2 rollback protection (CVE-2021-23839) - Linux

OpenSSL is prone to an incorrect SSLv2 rollback protection vulnerability.

4.3 CVSS | 5.7 AI score | 0.02961 EPSS
Exploits 0 | References 1

OSV
added 2021/02/16 5:15 p.m. | 3 views

ALPINE-CVE-2021-23839

OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater th...

3.7 CVSS | 6.6 AI score | 0.02961 EPSS
Exploits 0 | References 1

OSV
added 2021/02/16 5:15 p.m. | 2 views

DEBIAN-CVE-2021-23841

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However, it fails to correctly handle any errors that may occur while parsing the issuer field which might occur if the...

5.9 CVSS | 9.1 AI score | 0.07471 EPSS
Exploits 0 | References 1

OSV
added 2021/02/16 5:15 p.m. | 4 views

ALPINE-CVE-2021-23841

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However, it fails to correctly handle any errors that may occur while parsing the issuer field which might occur if the...

5.9 CVSS | 6.9 AI score | 0.07471 EPSS
Exploits 0 | References 1

Prion
added 2021/02/16 5:15 p.m. | 29 views

Null pointer dereference

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However, it fails to correctly handle any errors that may occur while parsing the issuer field which might occur if the...

4.3 CVSS | 6.7 AI score | 0.07471 EPSS
Exploits 0 | References 21 | Affected Software 20

UbuntuCve
added 2021/02/16 5:15 p.m. | 26 views

CVE-2021-23839

OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater th...

4.3 CVSS | 6.7 AI score | 0.02961 EPSS
Exploits 0 | References 4

OSV
added 2021/02/16 5:15 p.m. | 3 views

UBUNTU-CVE-2021-23841

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However, it fails to correctly handle any errors that may occur while parsing the issuer field which might occur if the...

5.9 CVSS | 6.7 AI score | 0.07471 EPSS
Exploits 0 | References 5

Prion
added 2021/02/16 5:15 p.m. | 33 views

Design/Logic Flaw

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

5 CVSS | 7.7 AI score | 0.50732 EPSS
Exploits 0 | References 19 | Affected Software 21

Tenable Nessus
added 2020/12/10 12:0 a.m. | 101 views

OpenSSL 1.0.2 < 1.0.2x Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.2x. It is, therefore, affected by a vulnerability as referenced in the 1.0.2x advisory. - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName...

5.9 CVSS | 7.1 AI score | 0.06968 EPSS
Exploits 3 | References 4

OpenVAS
added 2017/08/31 12:0 a.m. | 44 views

OpenSSL 'OOB read' Security Bypass Vulnerability - Linux

OpenSSL is prone to an...

5.3 CVSS | 6.6 AI score | 0.17699 EPSS
Exploits 0 | References 3