Lucene search
+L

191 matches found

NVD
NVD
added 2017/06/06 4:29 p.m.15 views

CVE-2017-5243

The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions. As a result, it falls back to allowing ALL algorithms supported by the relevant version of OpenSSH and makes the...

8.5CVSS8.4AI score0.00507EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/06 12:0 a.m.5 views

Rapid7 Nexpose Hardware Device Man-in-the-Middle Attack Vulnerability

Rapid7 Nexpose hardware appliances are hardware devices with Nexpose from Rapid7, Inc. Nexpose is a set of vulnerability management software that can synthesize the results of different scans to probe the network in depth. A man-in-the-middle vulnerability exists in the default SSH configuration ...

8.5CVSS6.8AI score0.00507EPSS
Exploits0References1
Prion
Prion
added 2017/05/11 6:29 p.m.22 views

Design/Logic Flaw

An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. OxygenOS and HydrogenOS are vulnerable to downgrade attacks. This is due to a lenient 'updater-script' in OTAs that does not check that the current version is lower than or equal to the given image's. Downgrades can occur even on...

4.3CVSS5.9AI score0.01146EPSS
Exploits6References1
Tenable Nessus
Tenable Nessus
added 2017/05/01 12:0 a.m.31 views

EulerOS 2.0 SP1 : samba (EulerOS-SA-2016-1014)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of...

7.5CVSS7.2AI score0.3693EPSS
Exploits0References9
seebug.org
seebug.org
added 2017/02/17 12:0 a.m.263 views

SSL 3.0 POODLE(CVE-2014-3566)

SSL 3.0 POODLE attack information disclosure VulnerabilityCVE-2014-3566 Release date: 2014-10-14 Update date: 2014-10-16 Affected system: Netscape ssl 3.0 Netscape tls Not affected system: Netscape tls 1.2 Netscape tls 1.1 Netscape tls 1.0 Description: CVECAN ID: CVE-2014-3566 SSL3. 0 is an...

4.3CVSS5.3AI score0.99999EPSS
Exploits7
Veracode
Veracode
added 2017/02/06 6:25 a.m.46 views

ECDHE-to-ECDH Downgrade Attacks

OpenSSL is vulnerable to ECDHE-to-ECDH downgrade attacks. This is due to a flaw in ssl3getkeyexchange which allows attackers to trigger a loss of forward secrecy to omitting the ServerKeyExchange message...

5CVSS5.7AI score0.06574EPSS
Exploits0References38Affected Software1
Veracode
Veracode
added 2017/02/02 6:32 a.m.25 views

Bypassing Security Mechanisms

libzmq aka ZeroMQ is vulnerable to bypassing security mechanisms or downgrade attacks. The vulnerability exists because ZMTP V3 protocol handler sends ZMTP v2 or earlier headers...

4.3CVSS6AI score0.02529EPSS
Exploits0References6Affected Software1
ThreatPost
ThreatPost
added 2016/10/03 8:45 a.m.10 views

Mozilla Reduces Threat of Export-Grade Crypto to Firefox

Logjam was one of several downgrade attacks discovered in the last 18 months that could theoretically allow a resourced attacker to take advantage of lingering export-grade cryptography to read and modify data over a supposedly secure connection. While the severity of this particular attack again...

7AI score
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2016/08/30 12:0 a.m.55 views

F5 Networks BIG-IP : Samba vulnerabilities (K53313971)

CVE-2016-2110 The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryptio...

5.9CVSS6.9AI score0.10232EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2016/08/01 1:54 p.m.13 views

Google Adds New Layer of Security to Domain: Adds HSTS

Google is adding HTTP Strict Transport Security or HSTS to the Google.com domain, an extra layer of protection that prevents visitors from using a less secure HTTP connection. By using HSTS, visitors following HTTP links to Google.com will be automatically redirected to the more secure HTTPS...

7AI score
Exploits0References8
Debian
Debian
added 2016/06/07 10:0 a.m.49 views

[SECURITY] [DLA 507-1] nss security update

Package : nss Version : 2:3.14.5-1+deb7u7 CVE ID : CVE-2015-4000 Debian Bug : N/A A vulnerability has been found in nss. CVE-2015-4000 With TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which...

4.3CVSS5.4AI score0.9986EPSS
Exploits1
OSV
OSV
added 2016/06/05 12:0 a.m.43 views

DSA-3548-3 samba - regression update

Bulletin has no description...

6.8AI score
Exploits0
NVD
NVD
added 2016/05/13 2:59 p.m.18 views

CVE-2016-2850

Botan 1.11.x before 1.11.29 does not enforce TLS policy for 1 signature algorithms and 2 ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors...

7.5CVSS7.5AI score0.02118EPSS
Exploits0References4
OSV
OSV
added 2016/05/13 2:59 p.m.9 views

CVE-2016-2850

Botan 1.11.x before 1.11.29 does not enforce TLS policy for 1 signature algorithms and 2 ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors...

7.5CVSS6.8AI score
Exploits0References4
Prion
Prion
added 2016/05/13 2:59 p.m.16 views

Code injection

Botan 1.11.x before 1.11.29 does not enforce TLS policy for 1 signature algorithms and 2 ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors...

5CVSS7.1AI score0.02118EPSS
Exploits0References4Affected Software2
UbuntuCve
UbuntuCve
added 2016/05/13 2:59 p.m.24 views

CVE-2016-2850

Botan 1.11.x before 1.11.29 does not enforce TLS policy for 1 signature algorithms and 2 ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors...

7.5CVSS7.1AI score0.02118EPSS
Exploits0References1
CVE
CVE
added 2016/05/13 2:0 p.m.58 views

CVE-2016-2850

CVE-2016-2850 affects Botan 1.11.x prior to 1.11.29. The vulnerability arises from Botan not enforcing TLS policy for (1) signature algorithms and (2) ECC curves, enabling remote attackers to perform downgrade attacks via unspecified vectors. The issue may allow attackers to bypass TLS policy and...

7.5CVSS7.3AI score0.02118EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2016/05/13 2:0 p.m.31 views

CVE-2016-2850

Botan 1.11.x before 1.11.29 does not enforce TLS policy for 1 signature algorithms and 2 ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors...

7.4AI score0.02118EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/05/12 12:0 a.m.80 views

F5 Networks BIG-IP : Samba vulnerabilities (K37603172) (Badlock)

CVE-2015-5370 Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service application crash or CPU consumption, or possibly execute arbitra...

7.5CVSS7.3AI score0.3693EPSS
Exploits0References3
NVD
NVD
added 2016/04/25 12:59 a.m.16 views

CVE-2016-2112

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream...

5.9CVSS6.6AI score0.09345EPSS
Exploits0References37
Rows per page
Query Builder