Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

seebug.org
seebug.orgadded 2017/03/28 12:0 a.m.28 views

APPLE OS X AND IOS X509 CERTIFICATE PARSING NAME CONSTRAINTS REMOTE CODE EXECUTION VULNERABILITY

When a client establishes a secure connection to a server, the server presents an x509 certificate which the client must validate.On Apple macOS, most client applications will use macOS’s certificate validation agent, at which point the malicious certificate will be parsed by the vulnerable code...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2015/11/24 12:0 a.m.43 views

Oracle Linux 7 : ntp (ELSA-2015-2231)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2231 advisory. - check origin timestamp before accepting KoD RATE packet CVE-2015-7704 - allow only one step larger than panic threshold with -g CVE-2015-5300 -...

7.5CVSS6.6AI score0.36837EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2015/11/19 4:3 a.m.2 views

ntp: vallen in extension fields are not validated

A stack-based buffer overflow was found in the way the NTP autokey protocol was implemented. When an NTP client decrypted a secret received from an NTP server, it could cause that client to crash...

7.2AI score
Exploits0References5
RedHat Linux
RedHat Linuxadded 2015/11/19 4:3 a.m.0 views

ntp: vallen in extension fields are not validated

A stack-based buffer overflow was found in the way the NTP autokey protocol was implemented. When an NTP client decrypted a secret received from an NTP server, it could cause that client to crash...

5.8CVSS7.2AI score0.04426EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2015/10/28 12:0 a.m.105 views

Network Time Protocol Daemon (ntpd) 3.x / 4.x < 4.2.8p4 Multiple Vulnerabilities

The version of the remote NTP server is 3.x or 4.x prior to 4.2.8p4. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the ntpcrypto.c file due to improper validation of the 'vallen' value in extension fields. An unauthenticated, remote attacker can exploit this, vi...

9.8CVSS7.1AI score0.83579EPSS
Exploits8References22
RedHat Linux
RedHat Linuxadded 2015/07/21 10:15 a.m.2 views

ntp: vallen in extension fields are not validated

A stack-based buffer overflow was found in the way the NTP autokey protocol was implemented. When an NTP client decrypted a secret received from an NTP server, it could cause that client to crash...

5.8CVSS7.2AI score0.04426EPSS
Exploits0References5
Ubuntu
Ubuntuadded 2015/02/09 5:32 p.m.98 views

USN-2497-1: NTP vulnerabilities

Stephen Roettger, Sebastian Krahmer, and Harlan Stenn discovered that NTP incorrectly handled the length value in extension fields. A remote attacker could use this issue to possibly obtain leaked information, or cause the NTP daemon to crash, resulting in a denial of service. CVE-2014-9297 Steph...

7AI score
Exploits0
Rows per page
Query Builder