Lucene search
K

35 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.4 views

SUSE CVE-2014-3511

The ssl23getclienthello function in s23srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol...

4.3CVSS8.5AI score0.13327EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/20 12:54 a.m.41 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM SAN Volume Controller and Storwize Family (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511)

Summary Vulnerabilities in OpenSSL could allow a remote attacker to execute arbitrary code or cause a denial of service. Vulnerability Details CVE-ID:CVE-2014-3509 DESCRIPTION : OpenSSL is vulnerable to a denial of service, caused by a race condition in the sslparseserverhellotlsext code. If a...

6.8CVSS7.7AI score0.51436EPSS
Exploits0Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/23 7:21 p.m.47 views

Security Bulletin: Network Intrusion Prevention System is affected by multiple OpenSSL vulnerabilities (CVE-2014-3508, CVE-2014-3509, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511)

Summary Security vulnerabilities have been discovered in OpenSSL components used by IBM Security Network Intrusion Prevention System. Vulnerability Details CVE-ID: CVE-2014-3509 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a race condition in the sslparseserverhellotlsext...

7.5CVSS7.1AI score0.7408EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2014-0325)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.7408EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/25 4:46 p.m.60 views

Security Bulletin: GPFS V3.5 for Windows is affected by OpenSSL vulnerabilities (CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507, CVE-2014-3511, CVE-2014-3505, CVE-2014-3510, CVE-2014-3508, CVE-2014-5139)

Summary Security vulnerabilities have been identified in the level of OpenSSL that is currently shipped with GPFS V3.5.0.11, or later, on Windows. The current level of OpenSSL could allow a remote attacker to : - Cause a denial of service CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507...

7.5CVSS7.1AI score0.7408EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/06/16 12:0 a.m.39 views

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2020-1637)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.6AI score0.85784EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:45 a.m.28 views

Security Bulletin: OpenSSL vulnerabilities announced August 6th 2014 affect Juniper EX Series Network Switches sold by IBM for use in IBM Products (9 CVEs)

Summary The 9 OpenSSL vulnerabilities announced August 6th 2014 are fixed as detailed below. Vulnerability Details Abstract The 9 OpenSSL vulnerabilities announced August 6th 2014 are fixed as detailed below. Content Vulnerability Details: CVE-ID: CVE-2014-3505 Description: OpenSSL is vulnerable ...

7.5CVSS0.9AI score0.7408EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:45 a.m.33 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect Upward Integration Modules (UIM) (CVE-2014-3508, CVE-2014-5139, CVE-2014-3509, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512)

Summary There are multiple vulnerabilities in OpenSSL that is used by Upward Integration Modules UIM. These issues were disclosed on August 6, 2014 by the OpenSSL Project. Vulnerability Details Summary There are multiple vulnerabilities in OpenSSL that is used by Upward Integration Modules UIM...

7.5CVSS0.9AI score0.7408EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:35 a.m.35 views

Security Bulletin: Multiple potential vulnerabilities in OpenSSL fixed in Chassis Management Module (CMM) (CVE-2014-3509, CVE-2014-3506, CVE-2014-3507, CVE-2014-3511, CVE-2014-3505, CVE-2014-3510, CVE-2014-3508)

Summary OpenSSL disclosed several vulnerabilities in August 2014. Seven of those vulnerabilities apply to the version of OpenSSL used by Flex Systems Chassis Management Module CMM. Vulnerability Details Abstract OpenSSL disclosed several vulnerabilities in August 2014. Seven of those...

6.8CVSS0.7AI score0.51436EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.61 views

Security Bulletin: Multiple Vulnerabilities in Current Release of IBM® SDK for Node.js™

Summary Multiple vulnerabilities in OpenSSL disclosed on August 6, 2014 by the OpenSSL Project, plus a vulnerability in the V8 JavaScript engine Vulnerability Details CVE-ID: CVE-2014-3512 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an internal buffer overrun. A remote...

7.5CVSS1.2AI score0.7408EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/10 8:34 a.m.36 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect Rational ClearCase (CVE-2014-5139, CVE-2014-3509, CVE-2014-3511)

Summary There are multiple vulnerabilities in OpenSSL that is used by affect Rational ClearCase. These issues were disclosed on August 6, 2014 by the OpenSSL Project. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this li...

6.8CVSS0.8AI score0.19997EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:19 p.m.41 views

Security Bulletin: Network Protection is affected by multiple OpenSSL vulnerabilities (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, CVE-2014-3511)

Summary Multiple security vulnerabilities have been discovered in OpenSSL version used by IBM Security Network Protection. Vulnerability Details CVE-ID: CVE-2014-3505 Description: OpenSSL is vulnerable to a denial of service, caused by a double-free error when handling DTLS packets. A remote...

5CVSS1.8AI score0.51436EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 7:43 p.m.26 views

Security Bulletin: IBM Tealeaf Customer Experience is affected by a vulnerability in OpenSSL (CVE-2014-3511, CVE-2014-3512)

Summary IBM Tealeaf Customer Experience is affected by a vulnerability in OpenSSL that could cause a protocol downgrade attack or a buffer overrun attack. Vulnerability Details CVEID: CVE-2014-3511 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused by the...

7.5CVSS1.1AI score0.7408EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/03/21 12:0 a.m.273 views

pfSense < 2.1.5 Multiple Vulnerabilities ( SA-14_14 )

According to its self-reported version number, the remote pfSense install is a version prior to 2.1.5 It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid108516; scriptversion"1.4";...

7.5CVSS6.4AI score0.7408EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2015/09/01 12:0 a.m.61 views

RHEL 6 : rhevm-spice-client (RHSA-2015:0197)

Updated rhevm-spice-client packages that fix two security issues and several bugs are now available for Red Hat Enterprise Virtualization Manager 3. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

6.8CVSS7.3AI score0.13359EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/03/05 12:0 a.m.550 views

Apache Tomcat 7.0.x < 7.0.57 Multiple Vulnerabilities (POODLE)

According to its self-reported version number, the Apache Tomcat service listening on the remote host is 7.0.x prior to 7.0.57. It is, therefore, affected by the following vulnerabilities : - A memory double-free error exists in 'd1both.c' related to handling DTLS packets that allows denial of...

7.5CVSS6.7AI score0.99999EPSS
Exploits7References17
Tenable Nessus
Tenable Nessus
added 2015/02/06 12:0 a.m.292 views

RHEL 6 : rhev-hypervisor6 (RHSA-2015:0126)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2015:0126 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...

10CVSS7.8AI score0.94859EPSS
Exploits29References18
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.55 views

Oracle Solaris Third-Party Patch Update : openssl (cve_2014_3508_information_disclosure)

The remote Solaris system is missing necessary patches to address security updates : - The OBJobj2txt function in crypto/objects/objdat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters,...

4.3CVSS6.4AI score0.23292EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.41 views

Fedora Update for mingw-openssl FEDORA-2014-17576

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS6.7AI score0.99999EPSS
Exploits20References2
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.45 views

Fedora Update for mingw-openssl FEDORA-2014-17587

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.99999EPSS
Exploits106References4
Rows per page
Query Builder