Lucene search
K

188 matches found

NVD
NVD
added 2021/01/06 1:15 a.m.17 views

CVE-2020-36164

An issue was discovered in Veritas Enterprise Vault through 14.0. On start-up, it loads the OpenSSL library. The OpenSSL library then attempts to load the openssl.cnf configuration file which does not exist at the following locations in both the System drive typically C:\ and the product's...

9.3CVSS9.3AI score0.00431EPSS
Exploits0References1
Prion
Prion
added 2021/01/06 1:15 a.m.17 views

Default configuration

An issue was discovered in Veritas System Recovery before 21.2. On start-up, it loads the OpenSSL library from \usr\local\ssl. This library attempts to load the from \usr\local\ssl\openssl.cnf configuration file, which does not exist. By default, on Windows systems, users can create directories...

7.2CVSS8.7AI score0.00431EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/01/06 1:15 a.m.13 views

Default configuration

An issue was discovered in Veritas Enterprise Vault through 14.0. On start-up, it loads the OpenSSL library. The OpenSSL library then attempts to load the openssl.cnf configuration file which does not exist at the following locations in both the System drive typically C:\ and the product's...

7.2CVSS8.7AI score0.00431EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/01/06 1:15 a.m.26 views

Design/Logic Flaw

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

7.2CVSS8.7AI score0.00462EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/01/06 12:52 a.m.37 views

CVE-2020-36164

An issue was discovered in Veritas Enterprise Vault through 14.0. On start-up, it loads the OpenSSL library. The OpenSSL library then attempts to load the openssl.cnf configuration file which does not exist at the following locations in both the System drive typically C:\ and the product's...

9.3CVSS9.3AI score0.00431EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/01/06 12:51 a.m.30 views

CVE-2020-36165

An issue was discovered in Veritas Desktop and Laptop Option DLO before 9.4. On start-up, it loads the OpenSSL library from /ReleaseX64/ssl. This library attempts to load the /ReleaseX64/ssl/openssl.cnf configuration file, which does not exist. By default, on Windows systems, users can create...

9.3CVSS9.3AI score0.00431EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/06/26 12:0 a.m.3 views

The vulnerability of the statem/statemdtls.c component in the OpenSSL library, which allows a hacker to cause a service failure.

The vulnerability of the statem/statemdtls.c component in the OpenSSL library is related to a resource management mechanism error. Exploiting this vulnerability could allow an attacker to cause service interruptions through a specially created DTLS message...

7.1CVSS7AI score0.14067EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/06/22 12:0 a.m.4 views

The vulnerability of the Montgomery quadradic multiplication algorithm implementation in OpenSSL libraries is related to an error in integer transfer on the x86_64 platform, which allows an attacker to gain unauthorized access to sensitive information.

The vulnerability of the Montgomery quadradic multiplication algorithm implementation in the OpenSSL library is related to an error in arithmetic operations on the x8664 platform. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to sensiti...

6.8CVSS6.8AI score0.10133EPSS
Exploits0References6Affected Software11
BDU FSTEC
BDU FSTEC
added 2020/06/22 12:0 a.m.7 views

The vulnerability of the CHACHA20-POLY1305 algorithm implementation in the OpenSSL library, related to improper access control, allows a perpetrator to trigger a service failure.

The vulnerability of the CHACHA20-POLY1305 algorithm implementation in the OpenSSL library is related to improper access control. Exploiting this vulnerability may allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS7.5AI score0.32389EPSS
Exploits3References5Affected Software1
Veeam
Veeam
added 2020/03/02 12:0 a.m.41 views

List of Security Fixes and Improvements in Veeam Agent for Linux

Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Agent for Linux. The goal of this article is to provide our customers' security and compliance teams with the detailed information on security improvements between releases, in...

7.8CVSS7AI score0.00187EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.36 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1340)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.10715EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1341)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.10715EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/06/21 5:51 p.m.29 views

CVE-2019-12572

A vulnerability in the London Trust Media Private Internet Access PIA VPN Client 1.0.2 build 02363 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. On startup, the PIA Windows service pia-service.exe loads the OpenSSL library from...

7.6AI score0.00931EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/04/19 12:0 a.m.105 views

Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)

According to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management EPPM installation running on the remote web server is 8.4 prior to 8.4.15.10, 15.x prior to 15.2.18.4, 16.x prior to 16.2.17.2, 17.x prior to 17.12.12.0, or 18.x prior to 18.8.8.0. It is...

9.8CVSS8.1AI score0.94999EPSS
Exploits16References13
Veracode
Veracode
added 2019/01/15 9:11 a.m.26 views

Denial Of Service (DoS)

openssl is vulnerable to denial of service DoS attacks. The library improperly calculates string lengths, allowing a malicious user to cause a denial of service by passing a large string to the system...

9.8CVSS8.8AI score0.32414EPSS
Exploits1References62Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/10 12:0 a.m.5 views

The vulnerability of the RSA key generation algorithm in the OpenSSL library allows a hacker to recover the private key.

The vulnerability of the RSA key generation algorithm in the OpenSSL library is related to errors in cryptographic transformations. Exploiting this vulnerability could allow a malicious actor, operating remotely, to recover the secret key...

7.1CVSS6.2AI score0.12046EPSS
Exploits0References19Affected Software16
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.41 views

Tenable Nessus < 7.1.4 Multiple Vulnerabilities (TNS-2018-17)

According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 7.1.4. It is, therefore, affected by multiple vulnerabilities: - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's key handling during a TLS handshake...

7.5CVSS7AI score0.49268EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2018/10/26 12:0 a.m.40 views

Tenable Log Correlation Engine (LCE) < 5.1.1 (TNS-2018-13)

The version of Tenable Log Correlation Engine LCE installed on the remote host is a version prior to 5.1.1. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the bundled third-party component OpenSSL library's key handling during a TLS handshake that causes a denial of...

7.5CVSS6.3AI score0.49268EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/10 4:24 p.m.45 views

Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On

Summary Multiple vulnerabilities in Apache HTTPD can cause denial of service and allow a remote attacker to bypass security restrictions and obtain sensitive information in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On. A Vulnerability in the Memcached library used by the IBM...

9.8CVSS1AI score0.57472EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:8 p.m.25 views

Security Bulletin: Vulnerability in the OpenSSL library affects IBM Tealeaf Customer Experience PCA (CVE-2017-3730).

Summary A Vulnerability in the OpenSSL library used by the IBM Tealeaf Customer Experience PCA could permit a denial of service attack. Vulnerability Details CVEID: CVE-2017-3730 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending specially...

7.5CVSS0.9AI score0.55294EPSS
Exploits5Affected Software1
Rows per page
Query Builder