
16 matches found

OSV
added 2026/01/22 12:8 a.m. · 2 views

OSV-2026-105 Use-of-uninitialized-value in pcpp::SSLServerHelloMessage::ServerHelloTLSFingerprint::toString

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476187680
Crash type: Use-of-uninitialized-value
Crash state: pcpp::SSLServerHelloMessage::ServerHelloTLSFingerprint::toString pcpp::SSLServerHelloMessage::ServerHelloTLSFingerprint::toStringAndMD5...

5.4 AI score
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2024-51961

Malicious code in bioql PyPI...

7.5 CVSS · 6.6 AI score · 0.00579 EPSS
Exploits 0 · References 2
RedhatCVE
added 2025/05/23 7:15 a.m. · 2 views

CVE-2024-53379

Heap buffer overflow in the server site handshake implementation in Real Time Logic LLC's SharkSSL version from 05/05/24 commit 64808a5e12c83b38f85c943dee0112e428dc2a43 allows a remote attacker to trigger a Denial-of-Service via a malformed Client-Hello message...

7.5 CVSS · 7.7 AI score · 0.00579 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/02/14 1:46 a.m. · 5 views

CVE-2024-22590

The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connection has been established...

9.1 CVSS · 6.7 AI score · 0.00153 EPSS
Exploits 0 · References 1
CVE
added 2025/01/23 12:0 a.m. · 66 views

CVE-2024-53379

Real Time Logic SharkSSL (embedded SSL/TLS) is affected by a heap buffer overflow in the server site handshake code, starting from the 05/05/24 version (commit 64808a5e12c83b38f85c943dee0112e428dc2a43). The vulnerability allows a remote attacker to trigger a Denial-of-Service via a malformed Clie...

7.5 CVSS · 7.5 AI score · 0.00579 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/05/04 12:0 a.m. · 2 views

PT-2024-25939 · Unknown · Faucet Sdn Ryu

Name of the Vulnerable Software and Affected Versions: Faucet SDN Ryu version 4.34 Description: The issue allows attackers to cause a denial of service, resulting in an infinite loop, via a specific condition where length=0. This is related to the OFPHello function in the parser.py file...

7.5 CVSS · 7.2 AI score · 0.00639 EPSS
Exploits 1 · References 8
OSV
added 2021/11/08 4:15 a.m. · 9 views

CVE-2021-42074

An issue was discovered in Barrier before 2.3.4. An unauthenticated attacker can cause a segmentation fault in the barriers component (aka the server-side implementation of Barrier) by quickly opening and closing TCP connections while sending a Hello message for each TCP session...

7.5 CVSS · 6.9 AI score
Exploits 0 · References 2
CNVD
added 2015/03/23 12:0 a.m. · 3 views

Fortinet Single Sign On collectoragent.exe stack buffer overflow vulnerability

Fortinet Single Sign On (FSSO) is a single sign-on solution for Fortinet devices. A stack buffer overflow vulnerability in collectoragent.exe in versions prior to Fortinet Single Sign On (FSSO) build 164 allows remote attackers to send a specially crafted PROCESSHELLO message to TCP port 8000 to...

7.5 CVSS · 7.9 AI score · 0.31617 EPSS
Exploits 5 · References 1
OpenSSL
added 2014/08/06 12:0 a.m. · 31 views

Vulnerability in OpenSSL - Crash with SRP ciphersuite in Server Hello message

A crash was found affecting SRP ciphersuites used in a Server Hello message. The issue affects OpenSSL clients and allows a malicious server to crash the client with a null pointer dereference (read) by specifying an SRP ciphersuite even though it was not properly negotiated with the client. This...

3.7 AI score · 0.34029 EPSS
Exploits 0 · Affected Software 1
F5 Networks
added 2014/06/16 12:0 a.m. · 54 views

SOL15343 - OpenSSL vulnerability CVE-2014-0221

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. CVE-2014-0221...

4.3 CVSS · 6.5 AI score · 0.82097 EPSS
Exploits 0 · References 6
NVD
added 2010/01/20 4:30 p.m. · 9 views

CVE-2010-0359

Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an invalid Client Hello message...

10 CVSS · 8.2 AI score · 0.39616 EPSS
Exploits 1 · References 9
OpenVAS
added 2008/09/04 12:0 a.m. · 25 views

FreeBSD Ports: nss

The remote host is missing an update to the system as announced in the referenced advisory. VID 207f8ff3-f697-11d8-81b0-000347a4fa7d OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

7.5 CVSS · 0.1 AI score · 0.02995 EPSS
Exploits 1 · References 3
UbuntuCve
added 2008/05/21 1:24 p.m. · 23 views

CVE-2008-1950

Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message withi...

5 CVSS · 7 AI score · 0.08239 EPSS
Exploits 1 · References 2
NVD
added 2008/05/21 1:24 p.m. · 14 views

CVE-2008-1950

Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message withi...

5 CVSS · 6.2 AI score · 0.08239 EPSS
Exploits 1 · References 40
exploitpack
added 2008/01/04 12:0 a.m. · 15 views

MySQL 6.0 yaSSL 1.7.5 - Hello Message Buffer Overflow (Metasploit)

MySQL 6.0 yaSSL 1.7.5 - Hello Message Buffer Overflow Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

0.4 AI score · 0.92203 EPSS
Exploits 13
NVD
added 2004/12/31 5:0 a.m. · 14 views

CVE-2004-0826

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message...

7.5 CVSS · 7.8 AI score · 0.02995 EPSS
Exploits 1 · References 4