Lucene search
+L

382 matches found

RedHat Linux
RedHat Linux
added 2016/04/25 11:57 a.m.7 views

nss: Use-after-free during processing of DER encoded keys in NSS (MFSA 2016-36)

A use-after-free flaw was found in the way NSS processed certain DER Distinguished Encoding Rules encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause th...

8.8CVSS7.7AI score0.02171EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/04/05 11:19 a.m.6 views

nss: Use-after-free during processing of DER encoded keys in NSS (MFSA 2016-36)

A use-after-free flaw was found in the way NSS processed certain DER Distinguished Encoding Rules encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause th...

8.8CVSS7.7AI score0.02171EPSS
Exploits0References5
OSV
OSV
added 2016/03/13 6:59 p.m.4 views

DEBIAN-CVE-2016-1979

Use-after-free vulnerability in the PK11ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services NSS before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data...

8.8CVSS9.1AI score0.02171EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/01/08 10:17 a.m.6 views

libldb: remote memory read in the Samba LDAP server

A memory-read flaw was found in the way the libldb library processed LDB DN records with a null byte. An authenticated, remote attacker could use this flaw to read heap-memory pages from the server...

7.5CVSS7.2AI score0.06114EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/11/11 12:0 a.m.27 views

CentOS Update for libipa_hbac CESA-2015:2019 centos6

Check the version of libipahbac SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882323";...

6.8CVSS7.2AI score0.03666EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/09/08 12:0 a.m.8 views

The vulnerability of the GnuTLS library, which allows a hacker to cause a service failure

The vulnerability of the GnuTLS library is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure by submitting an excessively long DistinguishedName DN parameter...

5CVSS7.1AI score0.1903EPSS
Exploits0References9Affected Software2
OSV
OSV
added 2015/08/24 2:59 p.m.1 views

DEBIAN-CVE-2015-6251

Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName DN entry in a certificate...

5CVSS6.8AI score0.1903EPSS
Exploits0References1
OSV
OSV
added 2015/08/24 12:0 a.m.5 views

UBUNTU-CVE-2015-6251

Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName DN entry in a certificate...

5CVSS7.1AI score0.1903EPSS
Exploits0References5
OSV
OSV
added 2015/05/14 2:59 p.m.4 views

UBUNTU-CVE-2015-0971

The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service crash via vectors related to SSL/TLS certificates...

5CVSS5.8AI score0.01134EPSS
Exploits0References3
CNVD
CNVD
added 2015/05/11 12:0 a.m.4 views

Suricata DER Denial of Service Vulnerability

Suricata is a network intrusion detection system, intrusion prevention system and network security monitoring engine. Suricata suffers from an integer overflow error when processing DER-encoded data, allowing an attacker to exploit the vulnerability to submit a special request for a...

5CVSS7.2AI score0.01134EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/05/05 6:46 a.m.4 views

nss: QuickDER decoder length issue

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long...

7.5CVSS7AI score0.03182EPSS
Exploits4References4
Fedora
Fedora
added 2015/04/18 9:47 a.m.31 views

[SECURITY] Fedora 21 Update: libtasn1-4.4-1.fc21

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding func tions...

10CVSS3.5AI score0.07801EPSS
Exploits0
Fedora
Fedora
added 2015/04/18 9:38 a.m.25 views

[SECURITY] Fedora 20 Update: libtasn1-3.8-3.fc20

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding func tions...

10CVSS3.5AI score0.07801EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2015/02/24 1:20 p.m.7 views

OpenJDK: DER decoder infinite loop (Security, 8059485)

A flaw was found in the way the DER Distinguished Encoding Rules decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded...

5CVSS6.6AI score0.05032EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/02/05 7:35 p.m.6 views

OpenJDK: DER decoder infinite loop (Security, 8059485)

A flaw was found in the way the DER Distinguished Encoding Rules decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded...

5CVSS6.6AI score0.05032EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/02/05 7:34 p.m.6 views

OpenJDK: DER decoder infinite loop (Security, 8059485)

A flaw was found in the way the DER Distinguished Encoding Rules decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded...

5CVSS6.6AI score0.05032EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/02/05 7:29 p.m.4 views

OpenJDK: DER decoder infinite loop (Security, 8059485)

A flaw was found in the way the DER Distinguished Encoding Rules decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded...

5CVSS6.6AI score0.05032EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/01/22 9:34 p.m.7 views

OpenJDK: DER decoder infinite loop (Security, 8059485)

A flaw was found in the way the DER Distinguished Encoding Rules decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded...

5CVSS6.6AI score0.05032EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/01/20 10:38 p.m.6 views

OpenJDK: DER decoder infinite loop (Security, 8059485)

A flaw was found in the way the DER Distinguished Encoding Rules decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded...

5CVSS6.6AI score0.05032EPSS
Exploits0References5
OSV
OSV
added 2014/12/15 6:59 p.m.2 views

DEBIAN-CVE-2014-1569

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long...

7.5CVSS7.4AI score0.03182EPSS
Exploits4References1
Rows per page
Query Builder