Lucene search
K

23 matches found

Amazon
Amazon
added 2026/02/19 12:0 a.m.7 views

Medium: runfinch-finch

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS5.8AI score0.01945EPSS
Exploits3
Amazon
Amazon
added 2026/02/18 12:0 a.m.9 views

Medium: runc

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS8.3AI score0.01945EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/02/08 1:22 a.m.9 views

CVE-2025-61730

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS8.2AI score0.00276EPSS
Exploits0References1
Amazon
Amazon
added 2026/02/05 12:0 a.m.8 views

Medium: containerd

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS6.7AI score0.01945EPSS
Exploits2
OSV
OSV
added 2026/01/31 8:43 a.m.5 views

BIT-GOLANG-2025-61730 Handshake messages may be processed at the incorrect encryption level in crypto/tls

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS7.2AI score0.00276EPSS
Exploits0References5
NVD
NVD
added 2026/01/28 8:16 p.m.6 views

CVE-2025-61730

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS0.00276EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/28 8:16 p.m.7 views

CVE-2025-61730

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS6.8AI score0.00276EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/28 7:30 p.m.32 views

CVE-2025-61730 Handshake messages may be processed at the incorrect encryption level in crypto/tls

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

0.00276EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/28 7:30 p.m.4 views

CVE-2025-61730 Handshake messages may be processed at the incorrect encryption level in crypto/tls

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.8AI score0.00276EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/01/28 7:30 p.m.5 views

CVE-2025-61730

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS8.1AI score0.00276EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/01/28 7:30 p.m.6 views

CVE-2025-61730

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS7.3AI score0.00276EPSS
Exploits0
Snyk
Snyk
added 2026/01/28 7:8 p.m.5 views

Incorrect Behavior Order: Early Validation

Overview std/crypto/tls is a Go standard library package std/crypto/tls Affected versions of this package are vulnerable to Incorrect Behavior Order: Early Validation. Go Vulnerability Report: During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level...

5.3CVSS7.2AI score0.00276EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:21 a.m.7 views

CVE-2024-38883

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation...

9.1CVSS7.1AI score0.00406EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.6 views

PT-2026-2489

Name of the Vulnerable Software and Affected Versions Go affected versions not specified Description A flaw exists where downloading and building modules with malicious version strings can lead to local code execution. Systems utilizing Mercurial hg are susceptible to unexpected code execution wh...

9.8CVSS7.4AI score0.00335EPSS
Exploits0
NVD
NVD
added 2024/08/02 6:16 p.m.10 views

CVE-2024-38883

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation...

9.1CVSS0.00406EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/02 12:0 a.m.19 views

CVE-2024-38883

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation...

0.00406EPSS
Exploits0References2
CVE
CVE
added 2024/08/02 12:0 a.m.35 views

CVE-2024-38883

Summary (CVE-2024-38883): Horizon Business Services Inc. Caterease v16.0.1.1663–v24.0.1.2405 (and possibly later) may be vulnerable to a remote, network-based attack due to negotiating with a less-secure encryption algorithm, enabling a Drop Encryption Level attack. The issue is described across ...

9.1CVSS7.1AI score0.00406EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/02 12:0 a.m.15 views

CVE-2024-38883

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation...

7.3AI score0.00406EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2018/06/27 12:0 a.m.14 views

Microsoft Windows: Client connection encryption level (Remote Desktop Services)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winrdhostclientencrlevel.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Set client connection encryption level Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This...

7.3AI score
Exploits0
Citrix
Citrix
added 2017/01/18 12:0 a.m.7 views

FAQ: Cloud backup of XenMobile managed devices

Is the Worx data encrypted within the backup? If so what is the encryption level? Yes, as Xenmobile uses the iCloud services from Apple for backing up the data: iCloud secures your data by encrypting it when it's sent over the Internet, storing it in an encrypted format when kept on server review...

6.6AI score
Exploits0
Rows per page
Query Builder