18 matches found
CVE-2018-12434
LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical ho...
EUVD-2018-20577
Malware in sbrugna...
EUVD-2015-5304
Malware in sbrugna...
EUVD-2018-4405
Malware in sbrugna...
EUVD-2019-11499
Malware in sbrugna...
EUVD-2019-11498
Malware in sbrugna...
EUVD-2014-9245
Malware in sbrugna...
EUVD-2021-33530
Malicious code in bioql PyPI...
CVE-2022-48437
An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...
CVE-2019-25048
LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in doprintex called from asn1itemprintctx and ASN1itemprint...
CVE-2019-25049
LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1itemprintctx called from asn1templateprintctx...
CVE-2022-48437
An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...
SUSE CVE-2018-12434
LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical ho...
SUSE CVE-2019-25048
LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in doprintex called from asn1itemprintctx and ASN1itemprint...
LibreSSL Buffer Overflow Vulnerability (CNVD-2021-50109)
LibreSSL is an open source implementation of the Secure Sockets Layer and Transport Layer security protocols. A security vulnerability exists in LibreSSL that stems from LibreSSL 2.9.1 through 3.2.1 having an out-of-bounds read in asn1itemprintctx called from asn1templateprintctx. No details of t...
LibreSSL Buffer Overflow Vulnerability (CNVD-2021-50108)
LibreSSL is an open source implementation of the Secure Sockets Layer and Transport Layer security protocols. A security vulnerability exists in LibreSSL versions 2.9.1 through 3.2.1 that stems from the presence of a heap-based buffer overflow in LibreSSL. No details of the vulnerability are...
LibreSSL 缓冲区错误漏洞
LibreSSL is an open source implementation of the Secure Sockets Layer and Transport Layer security protocols. A security vulnerability exists in LibreSSL that stems from LibreSSL 2.9.1 through 3.2.1 having an out-of-bounds read in asn1itemprintctx called from asn1templateprintctx. No details of t...
CVE-2018-8970
The intx509paramsethosts function in lib/libcrypto/x509/x509vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain...