Lucene search
K

53 matches found

Vulnrichment
Vulnrichment
added 2026/01/28 7:30 p.m.4 views

CVE-2025-61730 Handshake messages may be processed at the incorrect encryption level in crypto/tls

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.8AI score0.00276EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/01/28 7:30 p.m.6 views

CVE-2025-61730

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS7.3AI score0.00276EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/01/28 7:30 p.m.5 views

CVE-2025-61730

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

5.3CVSS8.1AI score0.00276EPSS
Exploits0
Cvelist
Cvelist
added 2026/01/28 7:30 p.m.31 views

CVE-2025-61730 Handshake messages may be processed at the incorrect encryption level in crypto/tls

During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

0.00276EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2019-13456

Malware in sbrugna...

7.5CVSS6.6AI score0.03401EPSS
Exploits1References13
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.4 views

Siemens多款产品 安全漏洞

Siemens RUGGEDCOM i800 and others are a switch from Siemens, a German company. A security vulnerability exists in various Siemens products that stems from improper handling of malformed TLS handshake messages, which could result in a denial of service. The following products and versions are...

6.9CVSS6.3AI score0.00285EPSS
Exploits0References1
OSV
OSV
added 2025/05/08 8:15 p.m.1 views

DEBIAN-CVE-2025-46712

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This...

3.7CVSS5.2AI score0.00442EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/05/07 12:48 p.m.10 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

5.9CVSS6.7AI score0.9378EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2024/07/17 6:49 p.m.7 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

5.9CVSS6.7AI score0.9378EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2024/04/04 3:23 p.m.7 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

5.9CVSS6.7AI score0.9378EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2024/03/06 5:58 p.m.2 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

5.9CVSS6.7AI score0.9378EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2024/02/27 10:34 p.m.6 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

5.9CVSS6.6AI score0.9378EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2024/02/20 11:6 a.m.6 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

5.9CVSS6.6AI score0.9378EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2024/01/30 2:13 p.m.3 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

5.9CVSS6.6AI score0.9378EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2024/01/25 3:36 p.m.4 views

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

5.9CVSS6.6AI score0.9378EPSS
Exploits4References6
OSV
OSV
added 2023/09/08 5:15 p.m.3 views

UBUNTU-CVE-2023-39322

QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size...

7.5CVSS6.8AI score0.01137EPSS
Exploits0References8
AlpineLinux
AlpineLinux
added 2023/09/08 4:13 p.m.72 views

CVE-2023-39322

QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size...

7.5CVSS7.8AI score0.01137EPSS
Exploits0
Snyk
Snyk
added 2023/09/07 4:12 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview std/crypto/tls is a Go standard library package std/crypto/tls Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: QUIC connections do not set an upper bound on the amount of data buffered when reading...

8.7CVSS6.8AI score0.01137EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/06 12:0 a.m.11 views

PT-2023-26883 · Quic +6 · Quic +6

Name of the Vulnerable Software and Affected Versions: QUIC affected versions not specified Description: The issue allows a malicious QUIC connection to cause unbounded memory growth due to the lack of an upper bound on the amount of data buffered when reading post-handshake messages. With the fi...

9.8CVSS7.6AI score0.99999EPSS
Exploits28References302
SUSE CVE
SUSE CVE
added 2023/02/15 4:17 a.m.2 views

SUSE CVE-2019-3836

It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages...

5.9CVSS7.8AI score0.03401EPSS
Exploits1References22
Rows per page
Query Builder