Lucene search
K

20 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.3 views

SUSE CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

7.5CVSS7.4AI score0.19295EPSS
Exploits0References39
OpenVAS
OpenVAS
added 2021/07/19 12:0 a.m.25 views

OpenSSL Security Bypass Vulnerability (20180327) - Linux

OpenSSL is prone to a security bypass vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.9CVSS6.1AI score0.08606EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2019/10/28 9:33 p.m.38 views

CVE-2018-0733

Because of an implementation bug the PA-RISC CRYPTOmemcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security...

5.9CVSS3.3AI score0.08606EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/10/08 11:45 a.m.61 views

CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS4.4AI score0.19295EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/07/09 1:55 p.m.3 views

openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.8AI score0.19295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/10/30 11:11 a.m.4 views

openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.8AI score0.19295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/10/30 9:51 a.m.7 views

openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.8AI score0.19295EPSS
Exploits0References5
CNVD
CNVD
added 2018/06/14 12:0 a.m.1 views

OpenSSL Denial of Service Vulnerability (CNVD-2018-12153)

OpenSSL is an open source capable of implementing the Secure Sockets Layer SSL v2/v3 and Secure Transport Layer TLS v1 protocols developed by the OpenSSL team as a general-purpose cryptographic library that supports a wide range of cryptographic algorithms including symmetric ciphers, hash...

7.5CVSS6.3AI score0.49268EPSS
Exploits0References1
NVD
NVD
added 2018/04/16 6:29 p.m.17 views

CVE-2018-0737

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev Affected 1.1.0-1.1.0h...

5.9CVSS6.4AI score0.12046EPSS
Exploits0References34
Debian CVE
Debian CVE
added 2018/04/16 5:0 p.m.42 views

CVE-2018-0737

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev Affected 1.1.0-1.1.0h...

5.9CVSS6.4AI score0.12046EPSS
Exploits0
NVD
NVD
added 2018/03/27 9:29 p.m.27 views

CVE-2018-0733

Because of an implementation bug the PA-RISC CRYPTOmemcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security...

5.9CVSS5.5AI score0.08606EPSS
Exploits0References14
NVD
NVD
added 2018/03/27 9:29 p.m.26 views

CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6AI score0.19295EPSS
Exploits0References34
Prion
Prion
added 2018/03/27 9:29 p.m.33 views

Design/Logic Flaw

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

4.3CVSS6.4AI score0.19295EPSS
Exploits0References34Affected Software3
OSV
OSV
added 2018/03/27 9:29 p.m.5 views

ALPINE-CVE-2018-0733

Because of an implementation bug the PA-RISC CRYPTOmemcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security...

5.9CVSS6.7AI score0.08606EPSS
Exploits0References1
OSV
OSV
added 2018/03/27 9:29 p.m.3 views

ALPINE-CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS6.8AI score0.19295EPSS
Exploits0References1
OSV
OSV
added 2018/03/27 9:29 p.m.2 views

DEBIAN-CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS9.3AI score0.19295EPSS
Exploits0References1
OSV
OSV
added 2018/03/27 9:29 p.m.24 views

CVE-2018-0733

Because of an implementation bug the PA-RISC CRYPTOmemcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security...

5.9CVSS6.1AI score
Exploits0References14
Cvelist
Cvelist
added 2018/03/27 9:0 p.m.31 views

CVE-2018-0733 Incorrect CRYPTO_memcmp on HP-UX PA-RISC

Because of an implementation bug the PA-RISC CRYPTOmemcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security...

6AI score0.08606EPSS
Exploits0References14
AlpineLinux
AlpineLinux
added 2018/03/27 9:0 p.m.34 views

CVE-2018-0733

Because of an implementation bug the PA-RISC CRYPTOmemcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security...

5.9CVSS6AI score0.08606EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/03/27 9:0 p.m.45 views

CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

6.5CVSS7.3AI score0.19295EPSS
Exploits0
Rows per page
Query Builder