EUVD-2014-9550

Malware in sbrugna...

Rustls 安全漏洞

Rustls is a modern TLS library in Rust open-sourced by Rustls. A security vulnerability exists in Rustls version 0.23.13 that stems from allowing denial of service via fragmented TLS ClientHello messages...

CVE-2023-23759

There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process impact is limited to...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2017-1204)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-6596

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when processing fragmented ClientHello messages in a DTLS session TMM may corrupt memory eventually leading to a crash. Only systems offering DTLS connections via APM are impacted...

USN-3850-2: NSS vulnerabilities

USN-3850-1 fixed several vulnerabilities in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack...

USN-3850-1: NSS vulnerabilities

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remo...

EulerOS 2.0 SP1 : gnutls (EulerOS-SA-2017-1203)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A double-free flaw was found in the way GnuTLS parsed certain X.509 certificates with Proxy Certificate Information extension. An attacker could...

Scientific Linux Security Update : gnutls on SL7.x x86_64 (20170801)

The following packages have been upgraded to a later upstream version: gnutls 3.3.26. Security Fixes : - A double-free flaw was found in the way GnuTLS parsed certain X.509 certificates with Proxy Certificate Information extension. An attacker could create a specially crafted certificate which,...

CVE-2014-9744

Memory leak in PolarSSL before 1.3.9 allows remote attackers to cause a denial of service memory consumption via a large number of ClientHello messages. NOTE: this identifier was SPLIT from CVE-2014-8628 per ADT3 due to different affected versions...

Ubuntu 14.04 LTS : OpenSSL vulnerabilities (USN-2308-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2308-1 advisory. Adam Langley and Wan-Teh Chang discovered that OpenSSL incorrectly handled certain DTLS packets. A remote attacker could use this issue to cause OpenSSL ...