Lucene search
K

532 matches found

Exploit DB
Exploit DB
added 2016/12/11 12:0 a.m.49 views

OpenSSL 1.1.0a/1.1.0b - Denial of Service

Exploit Title: OpenSSL 1.1.0a & 1.1.0b Heap Overflow Remote DOS vulnerability Date: 11-12-2016 Software Link: https://www.openssl.org/source/old/1.1.0/ Exploit Author: Silverfox Contact: http://twitter.com/Silverfox Website: https://www.silverf0x00.com/ CVE: CVE-2016-7054 Category: Denial of...

7.5CVSS7AI score0.32389EPSS
Exploits3
exploitpack
exploitpack
added 2016/12/11 12:0 a.m.36 views

OpenSSL 1.1.0a1.1.0b - Denial of Service

OpenSSL 1.1.0a1.1.0b - Denial of Service Exploit Title: OpenSSL 1.1.0a & 1.1.0b Heap Overflow Remote DOS vulnerability Date: 11-12-2016 Software Link: https://www.openssl.org/source/old/1.1.0/ Exploit Author: Silverfox Contact: http://twitter.com/Silverfox Website: https://www.silverf0x00.com/ CV...

5CVSS6.8AI score0.32389EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2016/11/18 12:0 a.m.67 views

OpenSSL 1.1.0 < 1.1.0c Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.0c. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0c advisory. - There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before...

7.5CVSS7.2AI score0.32389EPSS
Exploits4References10
ThreatPost
ThreatPost
added 2016/11/11 7:0 a.m.11 views

OpenSSL Patches High-Severity Denial-of-Service Bug

OpenSSL on Thursday patched three vulnerabilities in its latest update, and reminded users running version 1.0.1 of the cryptographic library that that security support will end Dec. 31. Of the three bugs, only one was rated high severity and could lead to OpenSSL crashes. Only OpenSSL 1.1.0 is...

0.9AI score
Exploits0References2
OpenSSL
OpenSSL
added 2016/11/10 12:0 a.m.83 views

Vulnerability in OpenSSL - ChaCha20/Poly1305 heap-buffer-overflow

TLS connections using -CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS. Found by Robert Święcki Google Security Team...

6.2AI score0.32389EPSS
Exploits3Affected Software1
FreeBSD
FreeBSD
added 2016/11/10 12:0 a.m.72 views

openssl -- multiple vulnerabilities

OpenSSL reports: ChaCha20/Poly1305 heap-buffer-overflow CVE-2016-7054 Severity: High TLS connections using -CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a Do...

7.5CVSS0.6AI score0.32389EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2016/06/14 12:0 a.m.31 views

openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-714)

This update to Mozilla Firefox 47 fixes the following issues boo983549 : Security fixes : - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free...

9.3CVSS7.3AI score0.23957EPSS
Exploits7References63
OPENSUSE Linux
OPENSUSE Linux
added 2016/06/11 10:7 p.m.48 views

Security update for MozillaFirefox, mozilla-nss (important)

This update to Mozilla Firefox 47 fixes the following issues boo983549: Security fixes: - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free deletin...

9.3CVSS0.5AI score0.23957EPSS
Exploits7References15
OPENSUSE Linux
OPENSUSE Linux
added 2016/06/11 2:11 p.m.52 views

Security update for MozillaFirefox, mozilla-nss (important)

This update to Mozilla Firefox 47 fixes the following issues boo983549: Security fixes: - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free deletin...

9.3CVSS0.5AI score0.23957EPSS
Exploits7References15
ThreatPost
ThreatPost
added 2015/02/24 1:46 p.m.9 views

CloudFlare Deploys ChaCha20-Poly1305 Encryption Across Sites

After rolling out free SSL for its users last fall, CloudFlare has deployed a new level of encryption on its service that hardens and speeds up the user experience, especially when accessing domains via mobile browsers. The form of encryption, a relatively new transport layer cipher suite known a...

7.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2014/04/25 9:50 a.m.12 views

Google Changes Ciphers in Chrome on Android

The emergence of mobile platforms such as iOS and Android have presented a number of challenges in terms of security. Not much can be done about some of these, like users leaving their phones in bars. But engineers at Google have been working on one of the thornier ones of late–how to provide sol...

7.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2014/01/31 1:7 p.m.9 views

Boasting Better Encryption, Bug Fixes, OpenSSH 6.5 Released

The OpenBSD Project pushed out a new build on Thursday of the OpenSSH security suite, adding a new private key format, a new transport cipher and fixing 15 bugs in the Secure Shell. OpenSSH version 6.5 adds support for the key exchange using elliptic-curve Diffie Hellman within cryptographer Dani...

0.6AI score
Exploits0References6
Rows per page
Query Builder