Lucene search
K

4 matches found

Broadcom
Broadcom
added 2018/10/30 12:0 a.m.17 views

BSA-2018-737

Security Advisory ID : BSA-2018-737 Component : OpenSSL Revision : 2.0: Final The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a-dev...

5.9CVSS6.8AI score0.12154EPSS
Exploits0
Broadcom
Broadcom
added 2018/08/22 12:0 a.m.23 views

BSA-2018-698

Security Advisory ID : BSA-2018-698 Component : OpenSSH Revision : 2.0: Final OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c...

5.9CVSS6.9AI score0.98631EPSS
Exploits23
Broadcom
Broadcom
added 2018/02/27 12:0 a.m.20 views

BSA-2018-538

Security Advisory ID : BSA-2018-538 Component : OpenSSH Revision : 2.0: Final The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. Affected Products Security updates have be...

5.3CVSS7AI score0.03359EPSS
Exploits0
Broadcom
Broadcom
added 2018/01/22 12:0 a.m.24 views

BSA-2018-527

Summary OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for...

1.4AI score
Exploits0Affected Software2
Rows per page
Query Builder