Lucene search
K

40 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/08/20 12:54 a.m.41 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM SAN Volume Controller and Storwize Family (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511)

Summary Vulnerabilities in OpenSSL could allow a remote attacker to execute arbitrary code or cause a denial of service. Vulnerability Details CVE-ID:CVE-2014-3509 DESCRIPTION : OpenSSL is vulnerable to a denial of service, caused by a race condition in the sslparseserverhellotlsext code. If a...

6.8CVSS7.7AI score0.51436EPSS
Exploits0Affected Software5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2014-0325)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.7408EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/25 4:46 p.m.60 views

Security Bulletin: GPFS V3.5 for Windows is affected by OpenSSL vulnerabilities (CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507, CVE-2014-3511, CVE-2014-3505, CVE-2014-3510, CVE-2014-3508, CVE-2014-5139)

Summary Security vulnerabilities have been identified in the level of OpenSSL that is currently shipped with GPFS V3.5.0.11, or later, on Windows. The current level of OpenSSL could allow a remote attacker to : - Cause a denial of service CVE-2014-3512, CVE-2014-3509, CVE-2014-3506, CVE-2014-3507...

7.5CVSS7.1AI score0.7408EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2014:1049-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.3AI score0.51436EPSS
Exploits0References2
NVD
NVD
added 2020/01/23 8:15 p.m.28 views

CVE-2015-5334

Off-by-one error in the OBJobj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service program crash or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an...

9.8CVSS6.8AI score0.03489EPSS
Exploits1References5
Prion
Prion
added 2020/01/23 8:15 p.m.32 views

Stack overflow

Off-by-one error in the OBJobj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service program crash or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an...

7.5CVSS8AI score0.23292EPSS
Exploits1References5Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:45 a.m.51 views

Security Bulletin: Vulnerability in Open SSL affects IBM System Networking products

Summary Open SSL used in the System Networking Products is impacted by the CVEs as outlined in the details below. Vulnerability Details Abstract Open SSL used in the System Networking Products is impacted by the CVEs as outlined in the details below. Content Vulnerability Details: CVE-ID:...

5CVSS0.7AI score0.51436EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:45 a.m.28 views

Security Bulletin: OpenSSL vulnerabilities announced August 6th 2014 affect Juniper EX Series Network Switches sold by IBM for use in IBM Products (9 CVEs)

Summary The 9 OpenSSL vulnerabilities announced August 6th 2014 are fixed as detailed below. Vulnerability Details Abstract The 9 OpenSSL vulnerabilities announced August 6th 2014 are fixed as detailed below. Content Vulnerability Details: CVE-ID: CVE-2014-3505 Description: OpenSSL is vulnerable ...

7.5CVSS0.9AI score0.7408EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:35 a.m.35 views

Security Bulletin: Multiple potential vulnerabilities in OpenSSL fixed in Chassis Management Module (CMM) (CVE-2014-3509, CVE-2014-3506, CVE-2014-3507, CVE-2014-3511, CVE-2014-3505, CVE-2014-3510, CVE-2014-3508)

Summary OpenSSL disclosed several vulnerabilities in August 2014. Seven of those vulnerabilities apply to the version of OpenSSL used by Flex Systems Chassis Management Module CMM. Vulnerability Details Abstract OpenSSL disclosed several vulnerabilities in August 2014. Seven of those...

6.8CVSS0.7AI score0.51436EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:3 a.m.79 views

Security Bulletin: Vulnerabilities in OpenSSL (CVE-2014-3508 and CVE-2014-3509) affect the virtual machines deployed by IBM PureApplication System.

Summary Nine OpenSSL vulnerabilities were disclosed in August 2014. This bulletin addresses the two vulnerabilities that are applicable to virtual machines which are deployed by IBM PureApplication System using the IBM OS Image for Red Hat Linux Systems and the IBM OS Image for AIX Systems...

6.8CVSS0.9AI score0.23292EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/03/21 12:0 a.m.273 views

pfSense < 2.1.5 Multiple Vulnerabilities ( SA-14_14 )

According to its self-reported version number, the remote pfSense install is a version prior to 2.1.5 It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid108516; scriptversion"1.4";...

7.5CVSS6.4AI score0.7408EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2015/03/05 12:0 a.m.550 views

Apache Tomcat 7.0.x < 7.0.57 Multiple Vulnerabilities (POODLE)

According to its self-reported version number, the Apache Tomcat service listening on the remote host is 7.0.x prior to 7.0.57. It is, therefore, affected by the following vulnerabilities : - A memory double-free error exists in 'd1both.c' related to handling DTLS packets that allows denial of...

7.5CVSS6.7AI score0.99999EPSS
Exploits7References17
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.55 views

Oracle Solaris Third-Party Patch Update : openssl (cve_2014_3508_information_disclosure)

The remote Solaris system is missing necessary patches to address security updates : - The OBJobj2txt function in crypto/objects/objdat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters,...

4.3CVSS6.4AI score0.23292EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.41 views

Fedora Update for mingw-openssl FEDORA-2014-17576

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS6.7AI score0.99999EPSS
Exploits20References2
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.45 views

Fedora Update for mingw-openssl FEDORA-2014-17587

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.99999EPSS
Exploits106References4
Tenable Nessus
Tenable Nessus
added 2015/01/02 12:0 a.m.37 views

Fedora 21 : mingw-openssl-1.0.1j-1.fc21 (2014-17576) (POODLE)

Synced with native openssl-1.0.1j-3.fc22\r\n Add support for RFC 5649\r\n Prevent compiler warning 'Please include winsock2.h before windows.h' when using the OpenSSL headers\r\n Fixes various CVE's Note that Tenable Network Security has extracted the preceding description block directly from the...

7.4CVSS7.6AI score0.99999EPSS
Exploits20References18
Tenable Nessus
Tenable Nessus
added 2014/12/05 12:0 a.m.34 views

SuSE 11.3 Security Update : compat-openssl097g (SAT Patch Number 10033)

The SLES 9 compatibility package compat-openssl097g received a roll up update fixing various security issues : - Build option no-ssl3 is incomplete. CVE-2014-3568 - Add support for TLSFALLBACKSCSV. CVE-2014-3566 - Information leak in pretty printing functions. CVE-2014-3508 - OCSP bad key DoS...

7.4CVSS7.5AI score0.99999EPSS
Exploits16References20
Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.44 views

OracleVM 3.2 : openssl (OVMSA-2014-0039) (POODLE)

The remote OracleVM system is missing necessary patches to address critical security updates : - add support for fallback SCSV to partially mitigate CVE-2014-3566 padding attack on SSL3 - fix CVE-2014-0221 - recursion in DTLS code leading to DoS - fix CVE-2014-3505 - doublefree in DTLS packet...

7.4CVSS7.6AI score0.99999EPSS
Exploits16References8
Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.285 views

OracleVM 2.2 : openssl (OVMSA-2014-0040) (POODLE)

The remote OracleVM system is missing necessary patches to address critical security updates : - add support for fallback SCSV to partially mitigate CVE-2014-3566 padding attack on SSL3 - fix CVE-2014-0221 - recursion in DTLS code leading to DoS - fix CVE-2014-3505 - doublefree in DTLS packet...

7.4CVSS7.6AI score0.99999EPSS
Exploits16References8
ALT Linux
ALT Linux
added 2014/10/31 12:0 a.m.40 views

Security fix for the ALT Linux 7 package openssl10 version 1.0.1j-alt0.M70P.1

1.0.1j-alt0.M70P.1 built Oct. 31, 2014 Gleb Fotengauer-Malinovskiy in task 133718 Oct. 31, 2014 Gleb Fotengauer-Malinovskiy - Backported to p7 branch security: CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, CVE-2014-3508,...

7.5CVSS5.5AI score0.99999EPSS
Exploits7
Rows per page
Query Builder