7 matches found
GHSA-7GCJ-PHFF-2884 Signal K Server has an Unauthenticated Regular Expression Denial of Service (ReDoS) via WebSocket Subscription Paths
Summary The SignalK server is vulnerable to an unauthenticated Regular Expression Denial of Service ReDoS attack within its WebSocket subscription handling logic. By injecting unescaped regex metacharacters into the context parameter of a stream subscription, an attacker can force the server's...
DEBIAN-CVE-2017-5440
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1,...
Mozilla: Use-after-free in txExecutionState destructor during XSLT processing (MFSA 2017-11, MFSA 2017-12)
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1,...
UBUNTU-CVE-2017-5440
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1,...
Security fix for the ALT Linux 8 package openssl10 version 0.9.8d-alt3
Aug. 7, 2007 Dmitry V. Levin 0.9.8d-alt3 - Fixed side-channel attack on private keys CVE-2007-3108, RH245732, http://cvs.openssl.org/chngview?cn=16275. - Mitigated branch prediction attacks RH250573, http://cvs.openssl.org/chngview?cn=16077. - Changed SSL/TLS server implementation to be stricter...
Security fix for the ALT Linux 9 package openssl10 version 0.9.8d-alt3
Aug. 7, 2007 Dmitry V. Levin 0.9.8d-alt3 - Fixed side-channel attack on private keys CVE-2007-3108, RH245732, http://cvs.openssl.org/chngview?cn=16275. - Mitigated branch prediction attacks RH250573, http://cvs.openssl.org/chngview?cn=16077. - Changed SSL/TLS server implementation to be stricter...
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8d-alt3
Aug. 7, 2007 Dmitry V. Levin 0.9.8d-alt3 - Fixed side-channel attack on private keys CVE-2007-3108, RH245732, http://cvs.openssl.org/chngview?cn=16275. - Mitigated branch prediction attacks RH250573, http://cvs.openssl.org/chngview?cn=16077. - Changed SSL/TLS server implementation to be stricter...