EUVD-2012-0473

Malware in sbrugna...

EUVD-2021-17654

Malware in sbrugna...

CVE-2021-30737

A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously craft...

RHEL 4 : nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nss: TOCTOU, potential use-after-free in libssl's session ticket processing MFSA 2014-12 CVE-2014-1490 -...

SUSE CVE-2004-0644

The asn1bufskiptail function in the ASN.1 decoder library for MIT Kerberos 5 krb5 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service infinite loop via a certain BER encoding...

CVE-2021-30737

A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously craft...

Memory corruption

A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously craft...

CVE-2021-30737

CVE-2021-30737 is an iOS/macOS NSS ASN.1 decoding issue in Apple’s secasn1d.c, fixed in iOS 14.6. The root cause is a memory corruption primitive arising from Apple’s NSS fork’s ASN.1 bit-string handling. A path in sec_asn1d_parse_bit_string can set the destination item’s Data pointer to NULL for...

CVE-2021-30737

A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously craft...

Apple iOS < 12.5.4 Multiple Vulnerabilities (HT212548)

Binary data appleios1254check.nbin...

Apple tvOS 缓冲区错误漏洞

Apple tvOS is a smart TV operating system from Apple, Inc. tvOS suffers from a buffer error vulnerability that stems from a boundary error in the ASN.1 decoder when processing TLS certificates. A remote attacker exploiting this vulnerability could trick a victim into visiting a specially designed...

PT-2021-18836 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 14.6 Apple iPadOS versions prior to 14.6 Apple tvOS versions prior to 14.6 Apple macOS versions prior to 11.4 Apple watchOS versions prior to 7.5 Apple macOS Mojave versions prior to Security Update 2021-004 Apple...

Arbitrary Code Execution

krb5 is vulnerable to arbitrary code execution. An input validation flaw was found in the ASN.1 Abstract Syntax Notation One decoder used by MIT Kerberos. A remote attacker could use this flaw to crash a network service using the MIT Kerberos library, such as kadmind or krb5kdc, by causing it to...

SUSE SLES11 Security Update : openssl (SUSE-SU-2017:0585-1)

This update for openssl fixes the following issues contained in the OpenSSL Security Advisory 26 Jan 2017 bsc1021641 Security issues fixed : - CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed bsc1019334 - CVE-2016-8610: A remote denial of service in...

SUSE-SU-2017:0461-1 Security update for openssl

This update for openssl fixes the following issues contained in the OpenSSL Security Advisory 26 Jan 2017 bsc1021641 Security issues fixed: - CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed bsc1019334 - CVE-2016-8610: A remote denial of service in S...

Oracle iPlanet Web Proxy Server 4.0.x < 4.0.27 NSS ASN.1 Decoder RCE (April 2016 CPU)

According to its self-reported version, the Oracle iPlanet Web Proxy Server formerly known as Sun Java System Web Proxy Server installed on the remote host is version 4.0.x prior to 4.0.27. It is, therefore, affected by a heap buffer overflow condition in the ASN.1 decoder in the Network Security...

VMware ESX Multiple Vulnerabilities (VMSA-2009-0008) (remote check)

The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities : - An out-of-bounds read error exists in the MIT Kerberos SPNEGO implementation in the getinputtoken function. A remote attacker can exploit this, via a crafted length value, to...

CVE-2015-7061

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060...

CVE-2015-7060

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7061...

CVE-2015-7059

The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061...