20 matches found
OPENSUSE-SU-2026:20581-1 Security update for nebula
This update for nebula fixes the following issues: Changes in nebula: - Update to version 1.10.3: Fix an issue where blocklist bypass is possible when using curve P256 Any newly issued P256 based certificates will have their signature clamped to the low-s form. Nebula will assert the low-s...
📄 crypto/x509 TLS Certificate Parsing
This Go program demonstrates a theoretical denial of service risk associated with handling unusually large X.509 certificates in TLS connections. It programmatically generates a self-signed certificate containing a very large number of Subject Alternative Names SANs and configures an HTTP client ...
Amazon Linux 2 : golang-github-cpuguy83-go-md2man, --advisory ALAS2-2026-3137 (ALAS-2026-3137)
The version of golang-github-cpuguy83-go-md2man installed on the remote host is prior to 1.0.4-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3137 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service wh...
Security Bulletin: multiple vulerability in IBM Spectrum Symphony with Bouncy Castle Java TLS API
Summary multiple vulerability in IBM Spectrum Symphony with Bouncy Castle Java TLS API Vulnerability Details CVEID:CVE-2024-30172 DESCRIPTION: An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature...
PT-2024-12399 · Openssl · Openssl
Name of the Vulnerable Software and Affected Versions: OpenSSL affected versions not specified Description: The issue is related to a transient Denial of Service DOS that occurs while processing IE fragments from a server during a DTLS handshake. Recommendations: At the moment, there is no...
Contiki-NG Security Vulnerability
Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and prior versions, which stems from an infinite loop error during processing of ClientHello handshake message...
SUSE CVE-2011-3210
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service daemon crash via out-of-order messages that violate t...
MGASA-2022-0168 Updated python-twisted packages fix security vulnerability
CVE-2022-21712: It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. CVE-2022-21716: It was discovered that Twisted incorrectly processed SSH handshake data on...
Security Bulletin: IBM Rational ClearCase CCRC WAN Server remote denial of service (CVE-2013-6329)
Summary A vulnerability in relation to SSL/TLS Handshake Processing has been discovered related to the SSLV3 Session Resumption when using SSLV2. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more informati...
SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...
SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...
SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...
SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...
SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...
SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...
SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...
SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...
SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...
UBUNTU-CVE-2016-8610
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail...
OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 7, allows remote attackers to affect availability via vectors related to JSSE. NOTE: the previous...