Lucene search
+L

191 matches found

Tenable Nessus
Tenable Nessus
added 2014/10/17 12:0 a.m.45 views

CentOS 5 : openssl (CESA-2014:1653) (POODLE)

Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL,...

4.3CVSS6.3AI score0.99999EPSS
Exploits7References3
Prion
Prion
added 2014/10/08 7:55 p.m.13 views

Cross site request forgery (csrf)

streamengine.cpp in libzmq aka ZeroMQ/C++ 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request...

4.3CVSS6.7AI score0.02015EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2014/10/08 7:0 p.m.57 views

CVE-2014-7202

streamengine.cpp in libzmq aka ZeroMQ/C++ 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request...

4.3CVSS4.9AI score0.02015EPSS
Exploits0
OSV
OSV
added 2014/08/12 9:16 a.m.11 views

MGASA-2014-0325 Updated openssl packages fix security vulnerabilities

A flaw in OBJobj2txt may cause pretty printing functions such as X509nameoneline, X509nameprintex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker. OpenSSL SSL/TLS clients and servers themselves are not affected...

7.5CVSS6.2AI score0.7408EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2014/01/29 11:43 p.m.35 views

USN-2091-1: OTR vulnerabilities

This update disables the OTR v1 protocol to prevent protocol downgrade attacks...

5.3AI score
Exploits0References1
NVD
NVD
added 2013/03/20 4:55 p.m.19 views

CVE-2013-1654

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors...

5CVSS6.4AI score0.02947EPSS
Exploits0References8
Prion
Prion
added 2013/03/20 4:55 p.m.22 views

Code injection

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors...

5CVSS7AI score0.02947EPSS
Exploits0References8Affected Software3
UbuntuCve
UbuntuCve
added 2013/03/12 6:0 p.m.29 views

CVE-2013-1654

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors...

5CVSS5.9AI score0.02947EPSS
Exploits0References2
NVD
NVD
added 2013/01/09 6:9 p.m.34 views

CVE-2013-0013

The SSL provider component in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle encrypted packets, which allows man-in-the-middle attackers to conduct SSLv2 downgrade attacks agains...

5.8CVSS6.2AI score0.06351EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2013/01/09 6:9 p.m.3 views

CVE-2013-0013

The SSL provider component in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle encrypted packets, which allows man-in-the-middle attackers to conduct SSLv2 downgrade attacks agains...

5.8CVSS5.5AI score0.06351EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/11/08 8:9 p.m.104 views

Moderate: Red Hat Security Advisory: pki security and enhancement update

Updated pki-ca, pki-util, and pki-common packages that fix three security issues and add several enhancements are now available for Red Hat Certificate System 8. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS...

9.8CVSS6.4AI score0.09854EPSS
Exploits0References4
Rows per page
Query Builder