CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3941 matches found

NVD•added 2004/07/07 4:0 a.m.•19 views

CVE-2004-0470

BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2, when editing weblogic.xml using WebLogic Builder or the SecurityRoleAssignmentMBean.toXML method, inadvertently removes security-role-assignment tags when weblogic.xml does not have a principal-name tag, which can remov...

7.5CVSS6.7AI score0.02685EPSS

Exploits0References7

Cvelist•added 2004/05/20 4:0 a.m.•20 views

CVE-2004-0470

6.7AI score0.02685EPSS

Exploits0References7

CVE•added 2004/05/20 4:0 a.m.•36 views

CVE-2004-0470

BEA WebLogic Server and WebLogic Express versions 7.0–SP5 and 8.1–SP2 are affected. When editing weblogic.xml via WebLogic Builder or the SecurityRoleAssignmentMBean.toXML method, the process can inadvertently remove security-role-assignment tags if weblogic.xml lacks a principal-name tag, potent...

7.5CVSS7.1AI score0.02685EPSS

Exploits0References7Affected Software1

RedHat Linux•added 2004/03/17 1:58 p.m.•43 views

Important: Red Hat Security Advisory: openssl security update

Updated OpenSSL packages that fix several remote denial of service vulnerabilities are available for Red Hat Enterprise Linux 3. The OpenSSL toolkit implements Secure Sockets Layer SSL v2/v3, Transport Layer Security TLS v1 protocols, and serves as a full-strength general purpose cryptography...

7.5CVSS7.4AI score0.10424EPSS

Exploits0References4

Gentoo Linux•added 2004/03/17 12:0 a.m.•42 views

Multiple OpenSSL Vulnerabilities

Background The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library...

7.5CVSS7.6AI score0.10424EPSS

Exploits0

ALT Linux•added 2004/03/17 12:0 a.m.•38 views

Security fix for the ALT Linux 8 package openssl10 version 0.9.6l-alt2

March 17, 2004 Dmitry V. Levin 0.9.6l-alt2 - Fixed null-pointer assignment during SSL handshake CAN-2004-0079...

5CVSS6.9AI score0.09537EPSS

Exploits0

ALT Linux•added 2004/03/17 12:0 a.m.•29 views

Security fix for the ALT Linux 9 package openssl10 version 0.9.6l-alt2

March 17, 2004 Dmitry V. Levin 0.9.6l-alt2 - Fixed null-pointer assignment during SSL handshake CAN-2004-0079...

5CVSS7AI score0.09537EPSS

Exploits0

OpenSSL•added 2004/03/17 12:0 a.m.•34 views

Vulnerability in OpenSSL CVE-2004-0079

The Codenomicon TLS Test Tool uncovered a null-pointer assignment in the dochangecipherspec function. A remote attacker could perform a carefully crafted SSL/TLS handshake against a server that used the OpenSSL library in such a way as to cause a crash. Found by OpenSSL group...

7.2AI score0.09537EPSS

Exploits0Affected Software1

securityvulns•added 2004/03/17 12:0 a.m.•59 views

OpenSSL Security Advisory [17 March 2004]

OpenSSL Security Advisory 17 March 2004 Updated versions of OpenSSL are now available which correct two security issues: 1. Null-pointer assignment during SSL handshake =============================================== Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool...

5CVSS0.5AI score0.10424EPSS

Exploits0

CERT•added 2004/03/17 12:0 a.m.•64 views

OpenSSL contains null-pointer assignment in do_change_cipher_spec() function

Overview OpenSSL contains a null-pointer assignment in the dochangecipherspec function which could allow a remote, unauthenticated attacker to cause OpenSSL to crash. Description OpenSSL implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols and includes a general...

7.4AI score

Exploits0References3

Debian•added 2002/10/09 2:35 p.m.•14 views

[SECURITY] [DSA 173-1] New bugzilla packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 173-1 [email protected] http://www.debian.org/security/ Martin Schulze October 9th, 2002 http://www.debian.org/security/faq -...

7.2AI score

Exploits0

NVD•added 2001/03/26 5:0 a.m.•23 views

CVE-2001-0187

Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment...

10CVSS7.4AI score0.05669EPSS

Exploits1References5

CVE•added 1976/01/01 12:0 a.m.•26 views

CVE-2021-41984

CVE-2021-41984 entry is rejected/not used and does not represent an active vulnerability.

7.3AI score

Exploits0

CVE•added 1976/01/01 12:0 a.m.•27 views

CVE-2017-1059

CVE-2017-1059 is rejected/not used; this entry does not represent an active vulnerability.

7.3AI score

Exploits0

CVE•added 1976/01/01 12:0 a.m.•115 views

CVE-2022-40154

CVE-2022-40154 is rejected; this CVE entry is not an active vulnerability.

7.3AI score

Exploits0

CVE•added 1976/01/01 12:0 a.m.•76 views

CVE-2021-38577

CVE-2021-38577 is linked in several sources to a heap overflow in BaseBmpSupportLib within Tianocore Edk2. The available connected documents confirm a BaseBmpSupportLib heap overflow as the underlying issue, but there are no public details in these documents about affected versions, exploitabilit...

6.8AI score

Exploits0

CVE•added 1976/01/01 12:0 a.m.•26 views

CVE-2022-32713

CVE-2022-32713 is rejected/not used and does not represent an active vulnerability entry.

7.3AI score

Exploits0

CVE•added 1976/01/01 12:0 a.m.•31 views

CVE-2023-2918

CVE-2023-2918 is rejected/not used per the Initial Description.

6.9AI score

Exploits0