UBUNTU-CVE-2025-58189

When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information the ALPN protocols sent by the client which is not escaped...

CVE-2023-53382 net/smc: Reset connection when trying to use SMCRv2 fails.

In the Linux kernel, the following vulnerability has been resolved: net/smc: Reset connection when trying to use SMCRv2 fails. We found a crash when using SMCRv2 with 2 Mellanox ConnectX-4. It can be reproduced by: - smcrun nginx - smcrun wrk -t 32 -c 500 -d 30 http://: BUG: kernel NULL pointer...

GHSA-F8MX-CWFH-7HR2 TShock allows chat while not fully connected, possible ban evasion

This issue was reported to TShock by @ohayo, but was found by the Discord user by the name of sofurry.com. Please note that this user does not own this domain on the internet, just the discord handle. TShock overrides certain Terraria vanilla systems, including chat, and the connection handling,...

TShock allows chat while not fully connected, possible ban evasion

This issue was reported to TShock by @ohayo, but was found by the Discord user by the name of sofurry.com. Please note that this user does not own this domain on the internet, just the discord handle. TShock overrides certain Terraria vanilla systems, including chat, and the connection handling,...

RHEL 6 : ssl_tls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - SSL/TLS: Birthday attack against 64-bit block ciphers SWEET32 CVE-2016-2183 - A denial of service flaw wa...

CVE-2021-22926

libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the CURLOPTSSLCERT option --cert with the command line tool.When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificat...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2017-1042)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Code injection

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail...

CVE-2016-8610

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail...

CVE-2016-8610

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail...

Amazon Linux AMI : gnutls (ALAS-2017-815)

A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections form other clients. CVE-2016-8610...

CVE-2003-0625

Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response...

CVE-2003-0625

Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response...