Lucene search
K

44 matches found

RedHat Linux
RedHat Linux
added 2023/12/07 12:21 p.m.4 views

OpenSSL: Excessive time spent checking DH q parameter value

A vulnerability was found in OpenSSL. This security issue occurs because the applications that use the DHcheck, DHcheckex, or EVPPKEYparamcheck functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

5.3CVSS6.6AI score0.02577EPSS
Exploits0References5
Amazon
Amazon
added 2023/12/04 12:0 a.m.3 views

Medium: openssl11

Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...

5.3CVSS7.8AI score0.04459EPSS
Exploits0
OSV
OSV
added 2023/11/06 4:15 p.m.6 views

AZL-34666 CVE-2023-5678 affecting package edk2 for versions less than 20230301gitf80f052277c8-38

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...

5.3CVSS6.6AI score0.04459EPSS
Exploits0References1
OSV
OSV
added 2023/11/06 4:15 p.m.4 views

ALPINE-CVE-2023-5678

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...

5.3CVSS7AI score0.04459EPSS
Exploits0References1
OSV
OSV
added 2023/10/25 12:40 p.m.3 views

USN-6435-2 openssl vulnerabilities

USN-6435-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial ...

5.3CVSS6.7AI score0.05533EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2023/10/25 12:40 p.m.94 views

USN-6435-2: OpenSSL vulnerabilities

USN-6435-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial ...

5.3CVSS6.6AI score0.05533EPSS
Exploits0
OSV
OSV
added 2023/10/18 7:51 p.m.3 views

USN-6435-1 openssl vulnerabilities

It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. CVE-2023-3446 Bernd Edlinger discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker...

5.3CVSS6.7AI score0.05533EPSS
Exploits0References3
OSV
OSV
added 2023/08/30 6:26 p.m.7 views

CLSA-2023-1693419971 Fix CVE(s): CVE-2023-3817

SECURITY UPDATE: Checking excessively long DH keys or parameters may be very slow. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. - debian/patches/CVE-2023-3817.patch: Add a prior check and process only a correc...

5.3CVSS6.9AI score0.02577EPSS
Exploits0References1
OSV
OSV
added 2023/08/12 11:5 a.m.4 views

OESA-2023-1481 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHchec...

5.3CVSS7.1AI score0.02577EPSS
Exploits0References2
OSV
OSV
added 2023/07/31 4:15 p.m.1 views

DEBIAN-CVE-2023-3817

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...

5.3CVSS6.4AI score0.02577EPSS
Exploits0References1
OSV
OSV
added 2023/07/31 4:15 p.m.5 views

ALPINE-CVE-2023-3817

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...

5.3CVSS7.1AI score0.02577EPSS
Exploits0References1
OSV
OSV
added 2023/07/31 4:15 p.m.9 views

UBUNTU-CVE-2023-3817

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...

5.3CVSS6.7AI score0.02577EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/07/31 12:0 a.m.1 views

OpenSSL 安全漏洞

OpenSSL is an open source capable general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

5.3CVSS6.4AI score0.02577EPSS
Exploits0References30
OSV
OSV
added 2023/07/19 12:15 p.m.3 views

ALPINE-CVE-2023-3446

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...

5.3CVSS7AI score0.05533EPSS
Exploits0References1
OSV
OSV
added 2020/06/11 2:15 a.m.6 views

CVE-2020-12714

An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger Virtual Appliances 1.1.1 through 3.1.1-0. A Diffie-Hellman parameter of insufficient size could allow...

5.9CVSS5.8AI score0.02626EPSS
Exploits4References6
CNVD
CNVD
added 2020/05/07 12:0 a.m.2 views

F5 BIG-IP Encryption Problem Vulnerability (CNVD-2020-36270)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cryptographic issue vulnerability exists in the F5 BIG-IP system, which stems from a program that does not use a secure...

9.1CVSS6.8AI score0.00809EPSS
Exploits0References1
Veracode
Veracode
added 2019/05/02 5:3 a.m.8 views

Denial Of Service (DoS)

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. A race condition was found in the way N...

10CVSS7.7AI score0.06381EPSS
Exploits5References40Affected Software3
OpenVAS
OpenVAS
added 2018/12/18 12:0 a.m.62 views

Debian: Security Advisory (DSA-4355-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.49268EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2018/12/01 12:0 a.m.42 views

Debian DSA-4348-1 : openssl - security update

Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4348...

7.5CVSS6.8AI score0.49268EPSS
Exploits4References8
OSV
OSV
added 2017/05/09 8:29 p.m.3 views

UBUNTU-CVE-2017-8854

wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file...

7.8CVSS7.4AI score0.01806EPSS
Exploits0References3
Rows per page
Query Builder