Lucene search
K

67 matches found

Vulnrichment
Vulnrichment
added 2023/06/06 12:0 a.m.9 views

CVE-2023-33613

axTLS v2.1.5 was discovered to contain a heap buffer overflow in the biimport function in axtls-code/crypto/bigint.c. This vulnerability allows attackers to cause a Denial of Service DoS when parsing a private key...

7.6AI score0.003EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/06/06 12:0 a.m.5 views

Sourceforge axTLS 缓冲区错误漏洞

Sourceforge axTLS is a highly configurable client/server TLS Transport Layer Security Protocol library from Sourceforge open source. A security vulnerability exists in Sourceforge axTLS version v2.1.5, which stems from the inclusion of a heap buffer overflow that allows an attacker to cause a...

5.5CVSS5.9AI score0.003EPSS
Exploits1References2
CVE
CVE
added 2023/06/06 12:0 a.m.39 views

CVE-2023-33613

CVE-2023-33613 affects axTLS v2.1.5 and is caused by a heap buffer overflow in the bi_import function (axtls-code/crypto/bigint.c). This vulnerability allows a Denial of Service when parsing a private key. The provided connected sources describe the flaw but do not provide concrete exploitation d...

5.5CVSS5.7AI score0.003EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/06 12:0 a.m.6 views

PT-2023-24405 · Axtls · Axtls

Name of the Vulnerable Software and Affected Versions: axTLS version 2.1.5 Description: A heap buffer overflow was discovered in the bi import function, located in axtls-code/crypto/bigint.c, which allows attackers to cause a Denial of Service DoS when parsing a private key. Recommendations: For...

5.5CVSS7.4AI score0.003EPSS
Exploits1References6
OSV
OSV
added 2019/12/03 8:15 p.m.3 views

CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

7.5CVSS7.1AI score0.0191EPSS
Exploits0References5
NVD
NVD
added 2019/12/03 8:15 p.m.9 views

CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

7.8CVSS7.4AI score0.0191EPSS
Exploits0References5
OSV
OSV
added 2019/12/03 8:15 p.m.4 views

UBUNTU-CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

7.5CVSS5.8AI score0.0191EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/12/03 8:15 p.m.18 views

CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

7.8CVSS7.1AI score0.0191EPSS
Exploits0References1
Prion
Prion
added 2019/12/03 8:15 p.m.14 views

Buffer overflow

processcertificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates...

5CVSS7.4AI score0.01479EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2019/12/03 8:15 p.m.15 views

Buffer overflow

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

7.8CVSS7.4AI score0.0191EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2019/12/03 8:15 p.m.3 views

UBUNTU-CVE-2019-9689

processcertificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates...

7.5CVSS7.1AI score0.01479EPSS
Exploits0References7
CVE
CVE
added 2019/12/03 8:0 p.m.63 views

CVE-2019-10013

The CVE-2019-10013 entry concerns the axTLS library (Cameron Hamilton-Rich) up to version 2.1.5. The asn1_signature function in asn1.c contains a Buffer Overflow vulnerability triggered by a crafted TLS certificate in the handshake, because get_asn1_length() is not checked for a sensible minimum/...

7.8CVSS7.4AI score0.0191EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2019/12/03 8:0 p.m.18 views

CVE-2019-10013

Removed by vendor...

7.8CVSS7.6AI score0.0191EPSS
Exploits0
Cvelist
Cvelist
added 2019/12/03 8:0 p.m.15 views

CVE-2019-10013

The asn1signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service memory and CPU consumption via a crafted certificate in the TLS certificate handshake message, because the result of getasn1length is n...

7.5AI score0.0191EPSS
Exploits0References5
CVE
CVE
added 2019/12/03 7:59 p.m.53 views

CVE-2019-9689

CVE-2019-9689 affects axTLS up to version 2.1.5. The vulnerability is a buffer overflow in the function process_certificate (tls1.c) when handling a TLS handshake message with zero certificates, leading to potential denial of service. Affected: axTLS 2.1.5 and earlier. Some sources (Debian) indic...

7.5CVSS7.4AI score0.01479EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2019/12/03 7:59 p.m.17 views

CVE-2019-9689

processcertificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates...

7.5AI score0.01479EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2019/12/03 7:59 p.m.19 views

CVE-2019-9689

Removed by vendor...

7.5CVSS7.6AI score0.01479EPSS
Exploits0
CNVD
CNVD
added 2019/12/02 12:0 a.m.3 views

axTLS Denial of Service Vulnerability (CNVD-2019-45138)

axTLS is a highly configurable client/server TLS Secure Transport Layer Protocol library. A security vulnerability exists in the 'asn1signature' function of the asn1.c file in axTLS 2.1.5 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service...

7.8CVSS6.7AI score0.0191EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/02 12:0 a.m.4 views

axTLS Denial of Service Vulnerability

axTLS is a highly configurable client/server TLS Secure Transport Layer Protocol library. A security vulnerability exists in the 'asn1signature' function of the asn1.c file in axTLS 2.1.5 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service...

7.5CVSS6.7AI score0.01479EPSS
Exploits0References1
Prion
Prion
added 2019/03/26 2:29 a.m.17 views

Buffer overflow

tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because the needbytes value is mismanaged...

7.5CVSS9.2AI score0.02684EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder