Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2020/06/05 12:0 a.m.51 views

Huawei Data Communication: Sixteen OpenSSL Vulnerabilities on Some Huawei products (huawei-sa-20170322-01-openssl)

Statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

10CVSS8AI score0.95707EPSS
Exploits9References1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:37 p.m.27 views

Security Bulletin: Vulnerabilities in OpenSSL affect Tivoli Storage FlashCopy Manager VMware (CVE-2016-6303, CVE-2016-2182, CVE-2016-2177, CVE-2016-2183, CVE-2016-6309, CVE-2016-7052, CVE-2016-2178, CVE-2016-6306)

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL used by Tivoli Storage FlashCopy Manager IBM Spectrum Protect Snapshot VMware has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6303 DESCRIPTION: OpenSSL is vulnerabl...

10CVSS0.6AI score0.95707EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:37 p.m.24 views

Security Bulletin: Vulnerabilities in OpenSSL affect Tivoli Storage FlashCopy Manager Unix (CVE-2016-6303, CVE-2016-2182, CVE-2016-2177, CVE-2016-2183, CVE-2016-6309, CVE-2016-7052, CVE-2016-2178, CVE-2016-6306)

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL used by Tivoli Storage FlashCopy Manager IBM Spectrum Protect Snapshot Unix has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6303 DESCRIPTION: OpenSSL is vulnerable ...

10CVSS0.6AI score0.95707EPSS
Exploits7Affected Software1
myhack58
myhack58
added 2016/12/20 12:0 a.m.37 views

Once due to bug fixes to trigger the vulnerability—CVE-2016-6309 vulnerability detailed analysis-vulnerability warning-the black bar safety net

openssl released a security level for”serious”UAF vulnerability, the exploit is simple, only need to send a tcp packet will trigger the vulnerability, but the consequences are serious, may result in TLS-related applications denial of service or even arbitrary code execution and other consequences...

0.2AI score0.70223EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/12/06 12:0 a.m.4 views

OpenSSL tls_get_message_body Function init_msg Structure Use After Free (CVE-2016-6309)

A use-after-free vulnerability has been reported in the tlsgetmessagebody function of OpenSSL. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted message to the vulnerable server. Successful exploitation allows the attacker to execute arbitrary code on the...

10CVSS4.3AI score0.70223EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/09/28 12:0 a.m.69 views

OpenSSL 1.1.0a < 1.1.0b Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.1.0b. It is, therefore, affected by a vulnerability as referenced in the 1.1.0b advisory. - statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a...

10CVSS8.9AI score0.70223EPSS
Exploits0References4
CVE
CVE
added 2016/09/26 7:0 p.m.137 views

CVE-2016-6309

CVE-2016-6309 concerns OpenSSL 1.1.0a and describes a use-after-free due to memory-block handling after realloc during TLS session processing, enabling a remote attacker to cause a denial of service or possibly execute arbitrary code. The provided documents include multiple IBM advisories that re...

10CVSS8.8AI score0.70223EPSS
Exploits0References14Affected Software1
ALT Linux
ALT Linux
added 2016/09/26 12:0 a.m.35 views

Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2j-alt1

Sept. 26, 2016 Gleb Fotengauer-Malinovskiy 1.0.2j-alt1 - Updated to v1.0.2j fixes CVE-2016-6309...

10CVSS9.4AI score0.70223EPSS
Exploits0
ALT Linux
ALT Linux
added 2016/09/26 12:0 a.m.30 views

Security fix for the ALT Linux 9 package openssl10 version 1.0.2j-alt1

Sept. 26, 2016 Gleb Fotengauer-Malinovskiy 1.0.2j-alt1 - Updated to v1.0.2j fixes CVE-2016-6309...

10CVSS9.4AI score0.70223EPSS
Exploits0
Rows per page
Query Builder