34 matches found
CVE-2026-6328 XQUIC Improper STREAM Frame Validation in Initial/Handshake Packets
Improper input validation, Improper verification of cryptographic signature vulnerability in XQUIC Project XQUIC xquic on Linux QUIC protocol implementation, packet processing module, STREAM frame handler modules allows Protocol Manipulation.This issue affects XQUIC: through 1.8.3...
CVE-2026-6328 XQUIC Improper STREAM Frame Validation in Initial/Handshake Packets
Improper input validation, Improper verification of cryptographic signature vulnerability in XQUIC Project XQUIC xquic on Linux QUIC protocol implementation, packet processing module, STREAM frame handler modules allows Protocol Manipulation.This issue affects XQUIC: through 1.8.3...
EUVD-2026-9427
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete parsing of the...
CVE-1999-0601
A network intrusion detection system IDS does not properly handle data within TCP handshake packets...
EUVD-1999-0584
Malware in sbrugna...
EUVD-2021-24911
Malware in sbrugna...
EUVD-2013-5445
Malware in sbrugna...
SUSE CVE-2013-5605
Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...
CVE-2021-38459
The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access the needed handshake packets between admin/client connections. Using the SYSDBA permission, an attacker can change user...
Code injection
The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access the needed handshake packets between admin/client connections. Using the SYSDBA permission, an attacker can change user...
CVE-2021-38459
CVE-2021-38459 affects AUVESY Versiondog. The vulnerability allows authentication at SYSDBA level by capturing initial handshake data and replaying it, provided a specific executable isn’t restarted frequently. Impact per sources includes the ability to change user passwords or delete the databas...
Denial Of Service (DoS)
nss is vulnerable to denial of service DoS attacks. The vulnerability exists as Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...
RHEL 6 : nss (RHSA-2013:1840)
Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 6.2, 6.3, and 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which giv...
Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20140813)
A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execut...
openssl security update
CentOS Errata and Security Advisory CESA-2014:1052 Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...
nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)
Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...
Important: nspr
Issue Overview: A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. CVE-2013-5605 It was found that the f...
nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)
Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...
nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)
Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...
nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)
Mozilla Network Security Services NSS 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets...