27 matches found
CVE-2026-1584
A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key PSK binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and...
EUVD-2014-3512
Malware in sbrugna...
EUVD-2015-6860
Malware in sbrugna...
EUVD-2015-7929
Malware in sbrugna...
EUVD-2024-34179
Malicious code in bioql PyPI...
CVE-2025-52494
Adacore Ada Web Server AWS before 25.2 is vulnerable to a denial-of-service DoS condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing...
GHSA-PMC3-P9HX-JQ96 uTLS ServerHellos are accepted without checking TLS 1.3 downgrade canaries
Description Before version 1.7.0, utls did not implement the TLS 1.3 downgrade protection mechanism specified in RFC 8446 Section 4.1.3 when using a utls ClientHello spec. This allowed an active network adversary to downgrade TLS 1.3 connections initiated by a utls client to a lower TLS version...
BIT-NODE-MIN-2021-3449 NULL pointer deref in signature_algorithms processing
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...
CVE-2024-11738
A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...
CVE-2024-11738
A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...
CVE-2024-11738 Rustls: rustls network-reachable panic in `acceptor::accept`
A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...
CVE-2024-11738 Rustls: rustls network-reachable panic in `acceptor::accept`
A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message...
Heap overflow
An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information...
NULL pointer deref in signature_algorithms processing
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...
Denial Of Service (DoS) Through Null Pointer Dereference
OpenSSL is vulnerable to denial of service DoS attacks. These attacks can be triggered by using an invalid signaturealgorithms extension in the the ClientHello message during renegotiation...
DEBIAN-CVE-2015-6925
wolfSSL formerly CyaSSL before 3.6.8 allows remote attackers to cause a denial of service resource consumption or traffic amplification via a crafted DTLS cookie in a ClientHello message...
CVE-2015-6925
wolfSSL formerly CyaSSL before 3.6.8 allows remote attackers to cause a denial of service resource consumption or traffic amplification via a crafted DTLS cookie in a ClientHello message...
Code injection
wolfSSL formerly CyaSSL before 3.6.8 allows remote attackers to cause a denial of service resource consumption or traffic amplification via a crafted DTLS cookie in a ClientHello message...
Heap overflow
Heap-based buffer overflow in ARM mbed TLS formerly PolarSSL 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service client crash and possibly execute arbitrary code via a long session ticket name to the session ticket extension, which is not properly handl...