Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:1 a.m.5 views

CVE-2024-54846

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack...

5.9CVSS6.8AI score0.00445EPSS
Exploits1References1
NVD
NVD
added 2025/01/10 5:15 p.m.19 views

CVE-2024-54846

An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack...

5.9CVSS0.00445EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:23 a.m.5 views

SUSE CVE-2015-0209

Use-after-free vulnerability in the d2iECPrivateKey function in crypto/ec/ecasn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have...

6.8CVSS9.2AI score0.1633EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2015/03/27 12:0 a.m.42 views

OpenSSL 0.9.8 < 0.9.8zf / 1.0.0 < 1.0.0r / 1.0.1 < 1.0.1m Multiple Vulnerabilities

Binary data 8662.prm...

6.8CVSS6.8AI score0.21247EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.270 views

Debian DLA-177-1 : openssl security update

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues : CVE-2015-0209 It was discovered that a malformed EC private key might result in memory corruption. CVE-2015-0286 Stephen...

7.5CVSS7.3AI score0.44503EPSS
Exploits1References9
Debian
Debian
added 2015/03/24 9:32 p.m.48 views

[SECURITY] [DSA 3197-2] openssl regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3197-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 24, 2015 http://www.debian.org/security/faq -...

7.5CVSS1.5AI score0.44503EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.45 views

Debian DSA-3197-1 : openssl - security update

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2015-0286 Stephen Henson discovered that the ASN1TYPEcmp function can be crashed, resulting in denial of service. -...

7.5CVSS7.3AI score0.44503EPSS
Exploits1References14
CNVD
CNVD
added 2015/03/20 12:0 a.m.1 views

OpenSSL 'd2i_ECPrivateKey' Memory Misreference Vulnerability

OpenSSL is an open source implementation of SSL used to enable strong encryption of network communications and is now widely used in a variety of web applications. A memory misreference vulnerability exists in 'd2iECPrivateKey' in OpenSSL 'crypto/ec/ecasn1.c'. An attacker could exploit the...

6.8CVSS6.9AI score0.1633EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.37 views

Ubuntu 14.04 LTS : OpenSSL vulnerabilities (USN-2537-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2537-1 advisory. It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to...

7.5CVSS7.9AI score0.44503EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2015/03/20 12:0 a.m.277 views

Ubuntu: Security Advisory (USN-2537-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.44503EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2015/03/19 5:10 p.m.91 views

USN-2537-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. CVE-2015-0209 Stephen Henson discovered that OpenSSL incorrectly handled...

7.5CVSS7.8AI score0.44503EPSS
Exploits1
Mageia
Mageia
added 2015/03/19 4:47 p.m.47 views

Updated openssl packages fix security vulnerabilities

Updated openssl packages fix security vulnerabilities: The function ASN1TYPEcmp will crash with an invalid read if an attempt is made to compare ASN.1 boolean types. Since ASN1TYPEcmp is used to check certificate signature algorithm consistency this can be used to crash any certificate verificati...

6.8CVSS7.6AI score0.21247EPSS
Exploits0References2
Cvelist
Cvelist
added 2015/03/19 12:0 a.m.16 views

CVE-2015-0209

Use-after-free vulnerability in the d2iECPrivateKey function in crypto/ec/ecasn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have...

7AI score0.1633EPSS
Exploits0References45
OpenSSL
OpenSSL
added 2015/03/19 12:0 a.m.51 views

Vulnerability in OpenSSL - Use After Free following d2i_ECPrivatekey error

Use After Free following d2iECPrivatekey error. A malformed EC private key file consumed via the d2iECPrivateKey function could cause a use after free condition. This, in turn, could cause a double free in several private key parsing functions such as d2iPrivateKey or EVPPKCS82PKEY and could lead...

6.7AI score0.1633EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2015/03/19 12:0 a.m.44 views

Debian Security Advisory DSA 3197-1 (openssl - security update)

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-0286 Stephen Henson discovered that the ASN1TYPEcmp function can be crashed, resulting in denial of service...

7.5CVSS0.1AI score0.44503EPSS
Exploits1References1
ArchLinux
ArchLinux
added 2015/03/19 12:0 a.m.57 views

lib32-openssl: multiple issues

CVE-2015-1787 denial of service If client auth is used then a server can segfault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. - CVE-2015-0207 denial of service The DTLSv1listen...

6.8CVSS1.6AI score0.33482EPSS
Exploits0References14
Debian CVE
Debian CVE
added 2015/03/19 12:0 a.m.35 views

CVE-2015-0209

Use-after-free vulnerability in the d2iECPrivateKey function in crypto/ec/ecasn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have...

6.8CVSS7.2AI score0.1633EPSS
Exploits0
OSV
OSV
added 2015/03/19 12:0 a.m.43 views

DSA-3197-1 openssl - security update

Bulletin has no description...

7.5CVSS6.8AI score0.44503EPSS
Exploits1
Rows per page
Query Builder