Lucene search
K

147 matches found

Cvelist
Cvelist
added 2011/08/29 3:0 p.m.30 views

CVE-2011-1643

Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.x, 7.x before 7.15bsu4, 8.0, and 8.5 before 8.51su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session,...

6.5AI score0.01902EPSS
Exploits0References1
CVE
CVE
added 2011/08/29 3:0 p.m.55 views

CVE-2011-1643

CVE-2011-1643 affects Cisco Unified Communications Manager (CUCM) and Cisco Unified Presence Server. Affected CUCM versions: 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2; Presence Server: 6.x, 7.x, 8.0, and 8.5 before 8.5xnr. Root cause: an open query interface could disclose databas...

10CVSS6.7AI score0.01902EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2011/08/24 11:51 a.m.14 views

PHP 5.3.8 Released, Fixes Crypto Bug

A day after warning users about a serious bug in the cryptographic function in PHP 5.3.7 and telling them not to upgrade to that release, the maintainers of the scripting language pushed out version 5.3.8, which fixes the crypto problem as well as another security related issue. PHP 5.3.7, which...

7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/04/18 12:0 a.m.91 views

Fedora 15 : proftpd-1.3.4-0.8.rc2.fc15 (2011-5098)

The second release candidate for proftpd 1.3.4. This includes fixes for a number of security issues : - Plaintext command injection vulnerability in FTPS implementation - Badly formed SSH messages cause DoS - Limit recursion depth for untrusted regular expressions 673040 The update also contains ...

5CVSS7AI score0.51298EPSS
Exploits14References6
Cent OS
Cent OS
added 2010/03/28 3:36 p.m.90 views

nspr, nss security update

CentOS Errata and Security Advisory CESA-2010:0165 Updated nss packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

9.8CVSS6.9AI score0.87264EPSS
Exploits14References9
OpenVAS
OpenVAS
added 2010/02/11 12:0 a.m.44 views

Microsoft Windows TLS/SSL Spoofing Vulnerability (977377)

This host installed with TLS/SSL protocol which is prone to Spoofing Vulnerability SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.8CVSS6.9AI score0.87264EPSS
Exploits14References4
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.26 views

openSUSE Security Update : libwsman-devel (libwsman-devel-157)

This update of openwsman fixes several security vulnerabilities found by the SuSE Security-Team : - remote buffer overflows while decoding the HTTP basic authentication header CVE-2008-2234 - a possible SSL session replay attack affecting the client depending on the configuration CVE-2008-2233...

7.5CVSS5.7AI score0.04318EPSS
Exploits5References3
Prion
Prion
added 2009/04/14 4:26 p.m.17 views

Design/Logic Flaw

Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to...

1.9CVSS6.9AI score0.00198EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2009/03/27 4:30 p.m.29 views

CVE-2009-0628

Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service memory consumption and device crash by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block TCB leak...

9CVSS6.5AI score0.01925EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2009/01/23 12:0 a.m.55 views

SuSE Update for openwsman SUSE-SA:2008:041

Check for the Version of openwsman OpenVAS Vulnerability Test $Id: gbsuse2008041.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for openwsman SUSE-SA:2008:041 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

9.3CVSS7.2AI score0.95182EPSS
Exploits35References1
Prion
Prion
added 2008/09/26 4:21 p.m.21 views

Session fixation

Cisco IOS 12.4 allows remote attackers to cause a denial of service device crash via a normal, properly formed SSL packet that occurs during termination of an SSL session...

7.8CVSS7AI score0.03165EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/08/22 12:0 a.m.31 views

openSUSE 10 Security Update : libwsman-devel (libwsman-devel-5531)

This update of openwsman fixes several security vulnerabilities found by the SuSE Security-Team : - remote buffer overflows while decoding the HTTP basic authentication header CVE-2008-2234 - a possible SSL session replay attack affecting the client depending on the configuration CVE-2008-2233...

7.5CVSS5.7AI score0.04318EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2007/08/21 12:0 a.m.36 views

Fedora Core 6 : openssl-0.9.8b-14.fc6 (2007-661)

Fri Aug 3 2007 Tomas Mraz 0.9.8b-14 - use localhost in testsuite, hopefully fixes slow build in koji - CVE-2007-3108 - fix side channel attack on private keys 250577 - make ssl session cache id matching strict 233599 - Wed Jul 25 2007 Tomas Mraz 0.9.8b-13 - allow building on ARM architectures...

1.2CVSS7.1AI score0.00409EPSS
Exploits1References1
Prion
Prion
added 2006/03/23 11:6 a.m.16 views

Design/Logic Flaw

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server OES allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL...

5CVSS7.2AI score0.02216EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2006/03/23 11:6 a.m.20 views

CVE-2006-0999

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server OES allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL...

5CVSS6.7AI score0.02216EPSS
Exploits0References9
CVE
CVE
added 2006/03/23 11:0 a.m.54 views

CVE-2006-0998

The CVE-2006-0998 issue affects Novell NetWare 6.5 and Novell Open Enterprise Server (OES) where the SSL server implementation in NILE.NLM can select a weak cipher instead of an available stronger cipher. This weak cipher choice enables remote attackers to sniff and potentially decrypt SSL sessio...

5CVSS6.7AI score0.0313EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2005/11/02 12:2 a.m.16 views

CVE-2005-3426

Cisco CSS 11500 Content Services Switch CSS with SSL termination services allows remote attackers to cause a denial of service memory corruption and device reload via a malformed client certificate during SSL session negotiation...

5CVSS6.8AI score0.01024EPSS
Exploits0References5
CVE
CVE
added 2005/11/02 12:0 a.m.47 views

CVE-2005-3426

Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services is affected by CVE-2005-3426. The vulnerability allows remote attackers to trigger a denial of service via memory corruption during SSL session negotiation when a malformed client certificate is presented. The entry notes...

5CVSS7.2AI score0.01024EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2005/06/28 4:0 a.m.25 views

CVE-2002-1947

Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session...

6.7AI score0.01387EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.34 views

Ximian Evolution < 1.1.1 camel Component Man-in-the-Middle SSL Session Weakness

Binary data 1306.prm...

5CVSS7.3AI score0.00923EPSS
Exploits1References1
Rows per page
Query Builder