CVE-2026-44700 Elixir WebRTC: Missing DTLS peer fingerprint validation in ex_webrtc client-role handshake

Elixir WebRTC is an Elixir implementation of the W3C WebRTC API. Prior to 0.15.1 and 0.16.1, missing DTLS peer certificate fingerprint validation in the DTLS client active role removes one side of WebRTC's mutual authentication. The bug is not independently exploitable for media interception in...

OpenSSL 3.x QUIC Initial Packet Builder / Sender

This script is a proof of concept QUIC client that constructs fully encrypted initial packets with header protection. It can be used for testing or fuzzing QUIC/TLS 1.3 implementations. The script constructs and sends a cryptographically valid QUIC Initial packet over UDP. It simulates a QUIC...

Protection Mechanism Failure

Overview Affected versions of this package are vulnerable to Protection Mechanism Failure in the ClientHandshake function, which handles ClientHello messages, and in particular the serverHello.random field. An attacker can downgrade the TLS connection from TLS 1.3 by removing the SupportedVersion...

Tungstenite allows remote attackers to cause a denial of service

The Tungstenite crate through 0.20.0 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted e.g., thousands of times and the average amoun...

SUSE CVE-2023-43669

The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted e.g., thousands of times and the average amount...

CVE-2023-43669

The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted e.g., thousands of times and the average amount...

CVE-2023-43669

The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted e.g., thousands of times and the average amount...

DEBIAN-CVE-2023-43669

The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted e.g., thousands of times and the average amount...

CVE-2023-43669

The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted e.g., thousands of times and the average amount...

UBUNTU-CVE-2023-43669

The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted e.g., thousands of times and the average amount...

CVE-2023-43669

The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted e.g., thousands of times and the average amount...

CVE-2023-43669

The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service minutes of CPU consumption via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted e.g., thousands of times and the average amount...

Tungstenite Security Vulnerability

Snapview GmbH Tungstenite is a library from Snapview GmbH. A security vulnerability exists in Tungstenite 0.20.0 and earlier versions that originated from allowing an attacker to cause a denial of service DoS via a lengthened HTTP header in the client handshake...

Security update for java-11-openjdk (important)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2021:3671-1 Rating: important References: 1191901 1191903 1191904 1191906 1191909 1191910 1191911 1191912 1191913 1191914 Cross-References: CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561...

EUVD-2014-3550

The ssl23getclienthello function in s23srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an unexpected handshake, as demonstrated by...

CVE-2000-0211

The Windows Media server allows remote attackers to cause a denial of service via a series of client handshake packets that are sent in an improper sequence, aka the "Misordered Windows Media Services Handshake" vulnerability...