Lucene search
K

5 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:29 p.m.126 views

K16126: OpenSSL vulnerability CVE-2014-3572

Security Advisory Description The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message...

5CVSS6.5AI score0.06574EPSS
Exploits0Affected Software11
NVD
NVD
added 2015/08/20 10:59 a.m.32 views

CVE-2015-0533

EMC RSA BSAFE Micro Edition Suite MES 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier allow remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message, a similar issue to CVE-2014-35...

7.5CVSS5.9AI score0.00801EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/01/16 12:0 a.m.55 views

OpenSSL 0.9.8 < 0.9.8zd Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 0.9.8zd. It is, therefore, affected by multiple vulnerabilities as referenced in the 0.9.8zd advisory. - The BNsqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the...

5CVSS7.5AI score0.98685EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2015/01/16 12:0 a.m.72 views

OpenSSL 1.0.0 < 1.0.0p Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.0p. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.0p advisory. - Memory leak in the dtls1bufferrecord function in d1pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote...

5CVSS7.6AI score0.98685EPSS
Exploits0References17
Debian
Debian
added 2015/01/11 1:16 p.m.70 views

[SECURITY] [DLA 132-1] openssl security update

Package : openssl Version : 0.9.8o-4squeeze19 CVE ID : CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues:...

5CVSS7AI score0.98685EPSS
Exploits0
Rows per page
Query Builder