CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

213 matches found

UbuntuCve•added 2018/10/08 12:0 a.m.•19 views

CVE-2018-1000807

Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on...

8.1CVSS6.5AI score0.02881EPSS

Exploits0References2

UbuntuCve•added 2018/10/08 12:0 a.m.•17 views

CVE-2018-1000808

Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS 12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends...

5.9CVSS6.4AI score0.00161EPSS

Exploits0References2

CVE•added 2018/10/08 12:0 a.m.•555 views

CVE-2018-1000807

CVE-2018-1000807 concerns Python-pyOpenSSL before 17.5.0, with a CWE-416 Use-After-Free in X509 object handling that can lead to denial of service or remote code execution. The vulnerability is reported as fixed in 17.5.0. Connected sources (SUSE-SU-2024:1626-1; SUSE-SU-2024:3749-1; OSV entries) ...

8.1CVSS8.4AI score0.02881EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2018/10/08 12:0 a.m.•2 views

PT-2018-9532 · Openssl +2 · Pyopenssl +2

Name of the Vulnerable Software and Affected Versions: pyopenssl versions prior to 17.5.0 Description: The issue is related to a memory management problem in the PKCS 12 Store of pyopenssl, which can lead to a denial of service if memory runs low or is exhausted. This can be exploited by initiati...

8.2CVSS5.9AI score0.02881EPSS

Exploits0References36

Positive Technologies•added 2018/10/08 12:0 a.m.•3 views

PT-2018-9531 · Openssl +2 · Pyopenssl +2

Name of the Vulnerable Software and Affected Versions: pyopenssl versions prior to 17.5.0 Description: The issue is related to a Use After Free vulnerability in X509 object handling, which can result in denial of service or possible remote code execution. This attack appears to be exploitable via...

8.1CVSS6.5AI score0.02881EPSS

Exploits0References50

OSV•added 2018/10/08 12:0 a.m.•0 views

UBUNTU-CVE-2018-1000807

8.1CVSS6.8AI score0.02881EPSS

Exploits0References3

OSV•added 2018/10/08 12:0 a.m.•0 views

UBUNTU-CVE-2018-1000808

5.9CVSS6.4AI score0.00161EPSS

Exploits0References3

Cvelist•added 2018/10/08 12:0 a.m.•14 views

CVE-2018-1000807

8.5AI score0.02881EPSS

Exploits0References5

Debian CVE•added 2018/10/08 12:0 a.m.•23 views

CVE-2018-1000807

8.1CVSS6.9AI score0.02881EPSS

Exploits0

Exploit DB•added 2018/04/13 12:0 a.m.•77 views

Microsoft Credential Security Support Provider - Remote Code Execution

credssp This is a poc code for exploiting CVE-2018-0886. It should be used for educational purposes only. It relies on a fork of the rdpy projecthttps://github.com/preempt/rdpy, allowing also credssp relay. Written by Eyal Karni, Preempt [email protected] Build Instructions Linux If you are usin...

7.6CVSS6.7AI score0.90997EPSS

Exploits4

UbuntuCve•added 2017/01/11 4:59 p.m.•22 views

CVE-2016-9015

Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. This places users of the library with those configurations at risk of man-in-the-middle and information leakage attacks. Thi...

3.7CVSS6.3AI score0.00038EPSS

Exploits0References2

Prion•added 2017/01/11 4:59 p.m.•15 views

Code injection

2.6CVSS6.6AI score0.00038EPSS

Exploits0References2Affected Software1

OSV•added 2017/01/11 4:59 p.m.•0 views

PYSEC-2017-98

3.7CVSS6.3AI score0.00038EPSS

Exploits0References2

OSV•added 2017/01/11 4:59 p.m.•26 views

CVE-2016-9015

3.7CVSS6.3AI score

Exploits0References2

Cvelist•added 2017/01/11 4:0 p.m.•21 views

CVE-2016-9015

3.6AI score0.00038EPSS

Exploits0References2

Debian CVE•added 2017/01/11 4:0 p.m.•23 views

CVE-2016-9015

3.7CVSS4.2AI score0.00038EPSS

Exploits0

Veracode•added 2017/01/09 5:19 a.m.•17 views

Hostname Check Bypassing

pyOpenSSL is vulnerable to hostname check bypassing. This is because it does not properly handle hostnames in the certificate that contain null bytes.The string formatting of subjectAltName X509Extension instances incorrectly truncates fields of the name when encountering null bytes, allowing...

4.3CVSS5.8AI score0.0025EPSS

Exploits0References6Affected Software1

exploitpack•added 2014/08/29 12:0 a.m.•47 views

NRPE 2.15 - Remote Code Execution

NRPE 2.15 - Remote Code Execution !/usr/bin/python Exploit Title : NRPE http://www.abcompcons.com/files/nrpeclient.py pyOpenSSL Library required http://pyopenssl.sourceforge.net/ root@localhost pip-python install pyOpenSSL NRPE = 2.15 Remote Command Execution Vulnerability Release date: 17.04.201...

7.5CVSS7AI score0.1857EPSS

Exploits6

Packet Storm•added 2014/08/28 12:0 a.m.•175 views

NRPE 2.15 Remote Command Execution

!/usr/bin/python Exploit Title : NRPE http://www.abcompcons.com/files/nrpeclient.py pyOpenSSL Library required http://pyopenssl.sourceforge.net/ root@localhost pip-python install pyOpenSSL NRPE = 2.15 Remote Command Execution Vulnerability Release date: 17.04.2014 Discovered by: Dawid Golunski...

7.5CVSS6.4AI score0.1857EPSS

Exploits6

Tenable Nessus•added 2014/06/13 12:0 a.m.•17 views

openSUSE Security Update : python-pyOpenSSL (openSUSE-SU-2013:1648-1)

update to 0.13.1 fixes the following security issue: NUL byte handling in subjectAltName bnc839107, CVE-2013-4314 CVE-2013-4314 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-82...

4.3CVSS8.2AI score0.0025EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by