Lucene search
K

2878 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:49 a.m.3 views

SUSE CVE-2012-0027

The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service daemon crash via crafted data from a TLS client...

5CVSS6.8AI score0.04992EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.4 views

SUSE CVE-2012-1573

gnutlscipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service heap memory corruption and application crash via a crafted record, as demonstrated by a crafted...

5CVSS6.8AI score0.04202EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:46 a.m.3 views

SUSE CVE-2012-2668

libraries/libldap/tlsm.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive...

4.3CVSS5.4AI score0.04114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:44 a.m.5 views

SUSE CVE-2012-4571

Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack...

2.1CVSS6.5AI score0.0037EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.4 views

SUSE CVE-2013-2061

The openvpndecrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher...

2.6CVSS6.5AI score0.02813EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.2 views

SUSE CVE-2013-2116

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169...

5CVSS6.3AI score0.03761EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.6 views

SUSE CVE-2013-2145

The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...

4.4CVSS7.8AI score0.00557EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.2 views

SUSE CVE-2014-5139

The sslsetclientdisabled function in t1lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service NULL pointer dereference and client application crash via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite...

4.3CVSS8.3AI score0.19997EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:20 a.m.4 views

SUSE CVE-2015-2319

The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORTRSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204...

7.5CVSS7AI score0.03152EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:20 a.m.3 views

SUSE CVE-2015-2774

Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 aka POODLE...

5.9CVSS6.3AI score0.01899EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:20 a.m.4 views

SUSE CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

5CVSS8.8AI score0.74006EPSS
Exploits0References26
SUSE CVE
SUSE CVE
added 2023/02/15 5:19 a.m.2 views

SUSE CVE-2015-3230

389 Directory Server formerly Fedora Directory Server before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher...

7.5CVSS7.2AI score0.02573EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.6 views

SUSE CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHEEXPORT and then...

3.7CVSS8.7AI score0.9986EPSS
Exploits1References115
SUSE CVE
SUSE CVE
added 2023/02/15 5:13 a.m.4 views

SUSE CVE-2015-7824

botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites...

7.5CVSS6.8AI score0.01686EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:9 a.m.4 views

SUSE CVE-2016-0704

An oracle protection mechanism in the getclientmasterkey function in s2srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during use of export cipher suites, which makes it easier fo...

5.9CVSS7.6AI score0.06903EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/02/15 5:9 a.m.9 views

SUSE CVE-2016-0736

In Apache HTTP Server versions 2.4.0 to 2.4.23, modsessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation AES256-CBC by default, hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle...

7.5CVSS6.9AI score0.49024EPSS
Exploits4References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.6 views

SUSE CVE-2016-6329

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack...

5.9CVSS6.4AI score0.0594EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.3 views

SUSE CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

5.9CVSS6.2AI score0.04219EPSS
Exploits2References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.4 views

SUSE CVE-2017-17688

The OpenPGP specification allows a Cipher Feedback Mode CFB malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code MDC feature or accept an obsolete...

5.9CVSS6AI score0.05572EPSS
Exploits2References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.3 views

SUSE CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.1CVSS6.6AI score0.00428EPSS
Exploits0References15
Rows per page
Query Builder