Lucene search
K

102 matches found

OSV
OSV
added 2019/04/20 12:29 a.m.3 views

AZL-41809 CVE-2019-11358 affecting package m2crypto for versions less than 0.38.0-4

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extendtrue, , ... because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype...

6.1CVSS6.7AI score0.87218EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.14 views

Fedora 22 : m2crypto-0.22.5-2.fc22 (2015-321ae39ee6)

Fixes a buffer overflow in EVP.pbkdf2. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.16 views

Fedora 23 : m2crypto-0.22.5-2.fc23 (2015-ca11983963)

Fixes a buffer overflow in EVP.pbkdf2. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

5.8AI score
Exploits0References2
Mageia
Mageia
added 2015/11/26 8:47 p.m.18 views

Updated python-m2crypto packages fix security vulnerability

A bug was found in pbkdf2 function of m2crypto package, such that when given a 74 byte result, a buffer overflow occurs leading to crash of the application rhbz1271165...

4.2AI score
Exploits0References2
OSV
OSV
added 2015/11/26 8:47 p.m.5 views

MGASA-2015-0458 Updated python-m2crypto packages fix security vulnerability

A bug was found in pbkdf2 function of m2crypto package, such that when given a 74 byte result, a buffer overflow occurs leading to crash of the application rhbz1271165...

7.6AI score
Exploits0References3
OpenVAS
OpenVAS
added 2015/11/21 12:0 a.m.10 views

Fedora Update for m2crypto FEDORA-2015-446074

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2015/11/20 11:28 p.m.10 views

[SECURITY] Fedora 21 Update: m2crypto-0.22.5-2.fc21

This package allows you to call OpenSSL functions from python scripts...

2.4AI score
Exploits0
OpenVAS
OpenVAS
added 2015/11/20 12:0 a.m.13 views

Fedora Update for m2crypto FEDORA-2015-321

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2015/11/19 12:25 p.m.9 views

[SECURITY] Fedora 22 Update: m2crypto-0.22.5-2.fc22

This package allows you to call OpenSSL functions from python scripts...

2.4AI score
Exploits0
Fedora
Fedora
added 2015/11/19 10:11 a.m.13 views

[SECURITY] Fedora 23 Update: m2crypto-0.22.5-2.fc23

This package allows you to call OpenSSL functions from python scripts...

2.4AI score
Exploits0
n0where
n0where
added 2015/11/04 11:19 p.m.46 views

SSL and TLS protocol test suite and fuzzer: tlsfuzzer

tlsfuzzer is a combination of TLS test framework, ready-to-use tests and hopefully in the future a fuzzer for TLS protocol. The aim is to have ability to test TLS implementation everywhere a fairly recent version of Python can run 2.6, 3.2 or later. Current implementation efforts focus on testing...

7.2AI score
Exploits0References1
n0where
n0where
added 2015/09/14 3:9 a.m.70 views

DNS visualization: DNSViz

DNSViz is a tool for assessing the health of DNS deployments by issuing diagnostic queries, assessing the responses, and outputting the results in one of several formats. The assessment may be directed towards recursive or authoritative DNS servers, and the output may be textual, graphical, or...

0.9AI score
Exploits0References3
n0where
n0where
added 2015/08/07 10:24 p.m.45 views

Object Scanning System: Laika BOSS

Laika is an object scanner and intrusion detection system that strives to achieve the following goals: Scalable Work across multiple systems High volume of input from many sources Flexible Modular architecture Highly configurable dispatching and dispositioning logic Tactical code insertion withou...

0.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/04/30 12:0 a.m.17 views

SuSE 11.3 Security Update : python-pywbem (SAT Patch Number 9079)

This update fixes a TOCTOU vulnerability during certificate validation. CVE-2013-6418 has been assigned to this issue. This update also introduces a new dependency on python-m2crypto. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

5.8CVSS5.2AI score0.01772EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2009/01/15 5:30 p.m.14 views

CVE-2009-0127

M2Crypto does not properly check the return value from the OpenSSL EVPVerifyFinal, DSAverify, ECDSAverify, DSAdoverify, and ECDSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to...

5CVSS6AI score0.01379EPSS
Exploits1References3
NVD
NVD
added 2009/01/15 5:30 p.m.15 views

CVE-2009-0127

M2Crypto does not properly check the return value from the OpenSSL EVPVerifyFinal, DSAverify, ECDSAverify, DSAdoverify, and ECDSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to...

5CVSS7.5AI score0.01379EPSS
Exploits1References3
OSV
OSV
added 2009/01/15 5:30 p.m.8 views

CVE-2009-0127

M2Crypto does not properly check the return value from the OpenSSL EVPVerifyFinal, DSAverify, ECDSAverify, DSAdoverify, and ECDSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to...

7.5AI score
Exploits0References4
Prion
Prion
added 2009/01/15 5:30 p.m.23 views

Input validation

DISPUTED M2Crypto does not properly check the return value from the OpenSSL EVPVerifyFinal, DSAverify, ECDSAverify, DSAdoverify, and ECDSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability...

5CVSS6.4AI score0.05146EPSS
Exploits2References3
CVE
CVE
added 2009/01/15 5:0 p.m.65 views

CVE-2009-0127

Technical details about CVE-2009-0127 are not publicly provided in the supplied documents. Monitor for updates for affected components, root cause, and fixes.

5CVSS7.5AI score0.01379EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2009/01/15 5:0 p.m.29 views

CVE-2009-0127

M2Crypto does not properly check the return value from the OpenSSL EVPVerifyFinal, DSAverify, ECDSAverify, DSAdoverify, and ECDSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to...

5CVSS6.4AI score0.01379EPSS
Exploits1
Rows per page
Query Builder