Lucene search
K

6 matches found

BDU FSTEC
BDU FSTEC
added 2023/04/17 12:0 a.m.6 views

The vulnerability of the OpenSSL cryptographic library, related to errors in the certificate validation process, allows a perpetrator to cause a service failure.

The vulnerability of the OpenSSL cryptographic library is related to errors in the certificate validation process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures using a specially created certificate chain...

7.8CVSS6.5AI score0.03658EPSS
Exploits0References31Affected Software20
RedHat Linux
RedHat Linux
added 2020/12/03 11:20 a.m.6 views

golang: math/big: panic during recursive division of very large numbers

A flaw was found in the math/big package of Go's standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The...

7.5CVSS7.1AI score0.03813EPSS
Exploits0References4
OSV
OSV
added 2018/02/13 3:29 p.m.1 views

DEBIAN-CVE-2018-0487

ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session...

9.8CVSS9.3AI score0.03317EPSS
Exploits0References1
NVD
NVD
added 2014/04/11 7:55 p.m.26 views

CVE-2014-0636

EMC RSA BSAFE Micro Edition Suite MES 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain...

5.8CVSS6.3AI score0.00669EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2014/03/05 2:0 a.m.51 views

CVE-2014-2234

A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent TEA feature without terminating certain TLS/SSL handshakes as specified in the SSLCTXsetverify callback function's documentation, which allows remote attackers to bypass extra verification within a...

6.4CVSS6.1AI score0.01124EPSS
Exploits1
Cvelist
Cvelist
added 2014/03/05 2:0 a.m.27 views

CVE-2014-2234

A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent TEA feature without terminating certain TLS/SSL handshakes as specified in the SSLCTXsetverify callback function's documentation, which allows remote attackers to bypass extra verification within a...

6.1AI score0.01124EPSS
Exploits1References1
Rows per page
Query Builder