Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

125 matches found

FreeBSD
FreeBSDadded 2015/02/27 12:0 a.m.27 views

cryptopp -- multiple vulnerabilities

Multiple sources report: CVE-2015-2141: The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack...

7.5CVSS6.5AI score0.01025EPSS
Exploits0References3
Prion
Prionadded 2014/11/04 3:55 p.m.14 views

Code injection

SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm DSA signatures via unspecified vectors...

7.5CVSS7.2AI score0.00585EPSS
Exploits0References4Affected Software2
Cvelist
Cvelistadded 2014/11/04 3:0 p.m.18 views

CVE-2014-8587

SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm DSA signatures via unspecified vectors...

6.7AI score0.00585EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2014/08/14 12:0 a.m.898 views

OpenSSL 'ChangeCipherSpec' MiTM Vulnerability

The OpenSSL service on the remote host is vulnerable to a man-in-the-middle MiTM attack, based on its acceptance of a specially crafted handshake. This flaw could allow a MiTM attacker to decrypt or forge SSL messages by telling the service to begin encrypted communications before key material ha...

7.4CVSS7.5AI score0.92751EPSS
Exploits14References10
Tenable Nessus
Tenable Nessusadded 2014/08/04 12:0 a.m.97 views

IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple Vulnerabilities

IBM WebSphere Application Server 8.0 prior to Fix Pack 9 is running on the remote host. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting flaw exists within the Administration Console, where user input is improperly validated. This could allow a remote attacke...

7.8CVSS7.9AI score0.92712EPSS
Exploits13References25
Tenable Nessus
Tenable Nessusadded 2014/07/17 12:0 a.m.35 views

McAfee Email Gateway OpenSSL Multiple Vulnerabilities (SB10075)

The remote host is running a version of McAfee Email Gateway MEG that is affected by the multiple vulnerabilities related to the included OpenSSL library : - An error exists in the function 'ssl3readbytes' that can allow data to be injected into other sessions or allow denial of service attacks...

7.4CVSS8.1AI score0.92751EPSS
Exploits14References9
Tenable Nessus
Tenable Nessusadded 2014/07/14 12:0 a.m.77 views

Cisco AnyConnect Secure Mobility Client 2.x / 3.x < 3.1(5170) Multiple OpenSSL Vulnerabilities

The remote host has a version of Cisco AnyConnect prior to 3.15170. It is, therefore, potentially affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the...

7.4CVSS8.1AI score0.92751EPSS
Exploits14References6
Tenable Nessus
Tenable Nessusadded 2014/07/14 12:0 a.m.89 views

Mac OS X : Cisco AnyConnect Secure Mobility Client 2.x / 3.x < 3.1(5170) Multiple OpenSSL Vulnerabilities

The remote host has a version of Cisco AnyConnect prior to 3.15170. It is, therefore, potentially affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the...

7.4CVSS8.1AI score0.92751EPSS
Exploits14References6
Tenable Nessus
Tenable Nessusadded 2014/07/02 12:0 a.m.225 views

HP System Management Homepage < 7.2.4.1 / 7.3.3.1 OpenSSL Multiple Vulnerabilities

According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server has an implementation of the OpenSSL library that is affected by the following vulnerabilities : - An error exists in the ssl3readbytes function that allows data to be injected...

7.4CVSS8.2AI score0.92751EPSS
Exploits14References17
Tenable Nessus
Tenable Nessusadded 2014/06/18 12:0 a.m.99 views

Cisco Windows Jabber Client Multiple Vulnerabilities in OpenSSL (cisco-sa-20140605-openssl)

The remote Windows host has a version of Cisco Jabber installed that is known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOA...

7.4CVSS7.5AI score0.91395EPSS
Exploits10References6
Tenable Nessus
Tenable Nessusadded 2014/06/18 12:0 a.m.78 views

Cisco TelePresence MCU Series Devices Multiple Vulnerabilities in OpenSSL

The remote Cisco TelePresence MCU device is running a software version known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOAD...

7.4CVSS7.5AI score0.91395EPSS
Exploits10References5
Tenable Nessus
Tenable Nessusadded 2014/06/18 12:0 a.m.88 views

Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSL

The remote Cisco ONS device is running a software version known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOAD' cache...

4.3CVSS7.7AI score0.91395EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2014/06/03 12:0 a.m.159 views

IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities (Linux)

The remote Linux host has a version of IBM Global Security Kit prior to 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce...

7.1CVSS7AI score0.02106EPSS
Exploits1References27
Tenable Nessus
Tenable Nessusadded 2014/06/03 12:0 a.m.64 views

IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities

The remote Windows host has a version of IBM Global Security Kit prior to 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce...

7.1CVSS7AI score0.02106EPSS
Exploits1References27
Tenable Nessus
Tenable Nessusadded 2014/04/21 12:0 a.m.94 views

VMware Workstation 10.x < 10.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)

The version of VMware Workstation installed on the remote host is version 10.x prior to 10.0.2. It is, therefore, reportedly affected by the following vulnerabilities in the OpenSSL library : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA...

7.5CVSS7.8AI score0.94464EPSS
Exploits87References8
The Hacker News
The Hacker Newsadded 2014/02/06 1:28 a.m.16 views

98% of SSL enabled websites still using SHA-1 based weak Digital Certificates

The National Institute of Standards and Technology NIST had published a document on Jan 2011 that the SHA-1 algorithm will be risky and should be disallowed after year 2013, but it was recently noticed by Netcraft experts that NIST.gov website itself were using 2014 dated SSL certificate with SHA...

6.6AI score
Exploits0
OpenVAS
OpenVASadded 2013/09/18 12:0 a.m.18 views

Fedora Update for perl-Crypt-DSA FEDORA-2013-15786

Check for the Version of perl-Crypt-DSA OpenVAS Vulnerability Test Fedora Update for perl-Crypt-DSA FEDORA-2013-15786 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

5.8CVSS6.4AI score0.00358EPSS
Exploits0References2
OpenVAS
OpenVASadded 2013/09/18 12:0 a.m.17 views

Fedora Update for perl-Crypt-DSA FEDORA-2013-15755

Check for the Version of perl-Crypt-DSA OpenVAS Vulnerability Test Fedora Update for perl-Crypt-DSA FEDORA-2013-15755 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

5.8CVSS6.4AI score0.00358EPSS
Exploits0References2
Fedora
Fedoraadded 2013/09/13 1:11 a.m.14 views

[SECURITY] Fedora 18 Update: perl-Crypt-DSA-1.17-10.fc18

Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation...

5.8CVSS2.8AI score0.00358EPSS
Exploits0
Fedora
Fedoraadded 2013/09/13 1:10 a.m.23 views

[SECURITY] Fedora 19 Update: perl-Crypt-DSA-1.17-10.fc19

Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation...

5.8CVSS2.8AI score0.00358EPSS
Exploits0
Rows per page
Query Builder