Lucene search
+L

45 matches found

ubuntucve
ubuntucve
added 2026/05/22 12:0 a.m.15 views

CVE-2026-39829

The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public...

7.5CVSS5.8AI score0.00415EPSS
Exploits0References6
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7924

Malware in sbrugna...

7.5CVSS7.6AI score0.04693EPSS
Exploits1References19
nessus
nessus
added 2024/05/15 12:0 a.m.31 views

Amazon Linux 2 : golang, --advisory ALAS2-2024-2545 (ALAS-2024-2545)

The version of golang installed on the remote host is prior to 1.13.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2545 advisory. Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key...

7.5CVSS7AI score0.04693EPSS
Exploits1References4
nessus
nessus
added 2024/05/13 12:0 a.m.33 views

Amazon Linux AMI : golang (ALAS-2024-1938)

The version of golang installed on the remote host is prior to 1.13.4-1.57. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1938 advisory. Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public...

7.5CVSS7AI score0.04693EPSS
Exploits1References4
nessus
nessus
added 2024/01/11 12:0 a.m.32 views

Siemens SCALANCE OpenSSL NULL Pointer Dereference (CVE-2023-0217)

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.4AI score0.01846EPSS
Exploits0References5
oraclelinux
oraclelinux
added 2023/03/01 12:0 a.m.60 views

openssl security update

3.0.1-47.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-47 - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEMreadbioex Resolves: CVE-2022-4450 - Fixed...

7.5CVSS7.3AI score0.59501EPSS
Exploits0
oraclelinux
oraclelinux
added 2023/02/28 12:0 a.m.141 views

openssl security and bug fix update

3.0.1-47.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-47 - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEMreadbioex Resolves: CVE-2022-4450 - Fixed...

7.5CVSS7.3AI score0.59501EPSS
Exploits0
osv
osv
added 2023/02/28 12:0 a.m.42 views

ALSA-2023:0946 Moderate: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: read buffer overflow in X.509 certificate verification CVE-2022-4203 openssl: timing attack in RS...

7.5CVSS7.6AI score0.59501EPSS
Exploits0References18
f5
f5
added 2023/02/27 4:22 a.m.49 views

K000132765: OpenSSL vulnerabilities CVE-2022-4203, CVE-2023-0216, CVE-2023-0217, and CVE-2023-0401

Security Advisory Description CVE-2022-4203 A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or...

7.5CVSS6.8AI score0.01846EPSS
Exploits0
f5
f5
added 2023/02/14 8:39 p.m.49 views

K000132537: OpenSSL vulnerabilities CVE-2022-4203, CVE-2023-0216, CVE-2023-0217, and CVE-2023-0401

Security Advisory Description CVE-2022-4203 A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or...

7.5CVSS6.8AI score0.01846EPSS
Exploits0
osv
osv
added 2023/02/08 10:22 p.m.30 views

GHSA-VXRH-CPG7-8VJR openssl-src subject to NULL dereference validating DSA public key

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.4AI score0.01846EPSS
Exploits0References5
nvd
nvd
added 2023/02/08 8:15 p.m.25 views

CVE-2023-0217

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.2AI score0.01846EPSS
Exploits0References4
prion
prion
added 2023/02/08 8:15 p.m.19 views

Null pointer dereference

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

5CVSS7.1AI score0.01846EPSS
Exploits0References3Affected Software1
debiancve
debiancve
added 2023/02/08 7:2 p.m.45 views

CVE-2023-0217

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS6.8AI score0.01846EPSS
Exploits0
vulnrichment
vulnrichment
added 2023/02/08 7:2 p.m.3 views

CVE-2023-0217 NULL dereference validating DSA public key

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

6.9AI score0.01846EPSS
Exploits0References3
cvelist
cvelist
added 2023/02/08 7:2 p.m.19 views

CVE-2023-0217 NULL dereference validating DSA public key

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.4AI score0.01846EPSS
Exploits0References3
osv
osv
added 2023/02/08 7:2 p.m.22 views

CVE-2023-0217 NULL dereference validating DSA public key

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.3AI score0.01846EPSS
Exploits0References6
alpinelinux
alpinelinux
added 2023/02/08 7:2 p.m.53 views

CVE-2023-0217

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.6AI score0.01846EPSS
Exploits0
redhatcve
redhatcve
added 2023/02/07 5:30 p.m.34 views

CVE-2023-0217

A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function, most likely leading to an application crash. This function can be called on public keys supplied from untrusted...

7.5CVSS7.1AI score0.01846EPSS
Exploits0References3
rustsec
rustsec
added 2023/02/07 12:0 p.m.36 views

`NULL` dereference validating DSA public key

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.1AI score0.01846EPSS
Exploits0Affected Software1
Rows per page
Query Builder