90 matches found
cPanel Security Feature Issue Vulnerability (CNVD-2019-36151)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security signature issue vulnerability exists in cPanel versions prior to 70.0.23. An attacker can exploit this vulnerability t...
CVE-2019-11755
A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted...
GalliumOS Security Feature Issue Vulnerability
GalliumOS is a set of lightweight Linux operating systems dedicated to Chrome OS devices from the GalliumOS project. A security signature issue vulnerability exists in GalliumOS version 3.0. No detailed vulnerability details are provided at this time...
IBM Security Guardium Big Data Intelligence Security Feature Issue Vulnerability
IBM Security Guardium Big Data Intelligence SonarG is a suite of big data security intelligence solutions from IBM, USA. The solution features interactive data exploration, automated connectivity analysis, and user activity analysis. IBM Security Guardium Big Data Intelligence suffers from a...
SUSE-SU-2019:1553-1 Security update for openssl
This update for openssl fixes the following issues: - CVE-2018-0732: Reject excessively large primes in DH key generation bsc1097158 - CVE-2018-0734: Timing vulnerability in DSA signature generation bsc1113652 - CVE-2018-0737: Cache timing vulnerability in RSA Key Generation bsc1089039 -...
OpenStack Neutron Security Feature Issue Vulnerability
OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace, Inc. in the U.S. Neutron is one of the networking components that provides Network-as-a-Service NaaS, which enables the creating networks between...
OPENSUSE-SU-2017:1098-1 Security update for chromium
This update to Chromium 58.0.3029.81 fixes the following security issues bsc1035103: - CVE-2017-5057: Type confusion in PDFium - CVE-2017-5058: Heap use after free in Print Preview - CVE-2017-5059: Type confusion in Blink - CVE-2017-5060: URL spoofing in Omnibox - CVE-2017-5061: URL spoofing in...
MGASA-2015-0022 Updated openssl packages fix security vulnerabilities
A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack CVE-2014-3571. A memory leak can occur in the dtls1bufferrecord function under certain conditions. In particular this could occur if an...
CVE-2013-4545
cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification CURLOPTSSLVERIFYHOST when the digital signature verification CURLOPTSSLVERIFYPEER is disabled, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrar...
Internet Explorer .mht DoS
If executable with MZP signature but without actual data is included, NULL pointer reference occurs...