Lucene search
K

27 matches found

FreeBSD
FreeBSD
added 2021/04/23 12:0 a.m.14 views

sbibboleth-sp -- denial of service vulnerability

Shibboleth project reports: Session recovery feature contains a null pointer deference. The cookie-based session recovery feature added in V3.0 contains a flaw that is exploitable on systems not using the feature if a specially crafted cookie is supplied. This manifests as a crash in the shibd...

3.4AI score
Exploits0References1
OSV
OSV
added 2020/07/17 11:49 a.m.6 views

SUSE-SU-2020:1943-1 Security update for xrdp

This update for xrdp provides the following fix: - CVE-2020-4044: xrdp-sesman can be crashed remotely over port 3350 bsc1173580. - Fixed an issue where xrdp-sesman could not restart bsc1155952. - Fixed an issue where xrdp could not start due to an error in the service file use absolute path in...

7.8CVSS7.2AI score0.02404EPSS
Exploits0References13
CNVD
CNVD
added 2020/06/05 12:0 a.m.0 views

GnuTLS Encryption Problem Vulnerability (CNVD-2020-53541)

GnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols. A security vulnerability exists in GnuTLS version 3.6.14. An attacker can exploit this vulnerability by performing a man-in-the-middle attack to bypass authentication in TLS version 1.3 and recover previou...

7.4CVSS8.8AI score0.17507EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2018/03/02 8:0 a.m.25 views

CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

7.1CVSS7AI score0.0363EPSS
Exploits0
Cvelist
Cvelist
added 2018/03/02 8:0 a.m.26 views

CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

6.5AI score0.0363EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2018/03/02 12:0 a.m.34 views

CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

7.1CVSS6.8AI score0.0363EPSS
Exploits0References7
OSV
OSV
added 2018/03/02 12:0 a.m.0 views

UBUNTU-CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

6.5CVSS6.9AI score0.0363EPSS
Exploits0References8
Rows per page
Query Builder