Lucene search
K

147 matches found

CBLMariner
CBLMariner
added 2024/06/06 7:53 p.m.27 views

CVE-2022-36765 affecting package hvloader for versions less than 1.0.1-3

CVE-2022-36765 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...

7.8CVSS7.8AI score0.00287EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/06/06 7:53 p.m.22 views

CVE-2022-36763 affecting package hvloader for versions less than 1.0.1-3

CVE-2022-36763 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...

7.8CVSS7.9AI score0.00288EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/06/06 7:53 p.m.24 views

CVE-2023-45236 affecting package hvloader for versions less than 1.0.1-3

CVE-2023-45236 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...

7.5CVSS6.8AI score0.00986EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/06/06 7:53 p.m.22 views

CVE-2022-36764 affecting package hvloader for versions less than 1.0.1-3

CVE-2022-36764 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...

7.8CVSS7.8AI score0.00287EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/06/06 7:53 p.m.24 views

CVE-2024-1298 affecting package hvloader for versions less than 1.0.1-3

CVE-2024-1298 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...

6CVSS7AI score0.00217EPSS
Exploits0
OSV
OSV
added 2024/05/30 9:15 p.m.6 views

AZL-42337 CVE-2024-1298 affecting package hvloader for versions less than 1.0.1-3

EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a loss of Availability...

6CVSS6.7AI score0.00217EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.7 views

AZL-47684 CVE-2024-4603 affecting package hvloader for versions less than 1.0.1-6

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.6AI score0.01131EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2024/05/14 5:6 a.m.20 views

CVE-2022-4304 affecting package hvloader for versions less than 1.0.1-2

CVE-2022-4304 affecting package hvloader for versions less than 1.0.1-2. A patched version of the package is available...

5.9CVSS7.7AI score0.16195EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/05/14 5:6 a.m.23 views

CVE-2023-0215 affecting package hvloader for versions less than 1.0.1-2

CVE-2023-0215 affecting package hvloader for versions less than 1.0.1-2. A patched version of the package is available...

7.5CVSS8.3AI score0.04494EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/05/14 5:6 a.m.20 views

CVE-2022-4450 affecting package hvloader for versions less than 1.0.1-2

CVE-2022-4450 affecting package hvloader for versions less than 1.0.1-2. A patched version of the package is available...

7.5CVSS8.3AI score0.20444EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/05/14 5:6 a.m.19 views

CVE-2023-0286 affecting package hvloader for versions less than 1.0.1-2

CVE-2023-0286 affecting package hvloader for versions less than 1.0.1-2. A patched version of the package is available...

7.4CVSS8.2AI score0.59501EPSS
Exploits0
OSV
OSV
added 2024/04/25 7:15 a.m.8 views

AZL-47670 CVE-2023-6237 affecting package hvloader for versions less than 1.0.1-6

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

5.9CVSS6.5AI score0.02303EPSS
Exploits0References1
OSV
OSV
added 2024/04/08 2:15 p.m.6 views

AZL-47649 CVE-2024-2511 affecting package hvloader for versions less than 1.0.1-6

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...

5.9CVSS6.6AI score0.54026EPSS
Exploits0References1
OSV
OSV
added 2024/03/29 6:15 a.m.6 views

AZL-47703 CVE-2024-28960 affecting package hvloader for versions less than 1.0.1-6

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

8.2CVSS5.7AI score0.0084EPSS
Exploits0References1
OSV
OSV
added 2024/01/31 8:15 a.m.7 views

AZL-47697 CVE-2024-23170 affecting package hvloader for versions less than 1.0.1-6

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, a...

5.5CVSS6AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2024/01/31 8:15 a.m.7 views

AZL-47655 CVE-2024-23775 affecting package hvloader for versions less than 1.0.1-6

Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service DoS via mbedtlsx509setextension...

7.5CVSS5.8AI score0.0112EPSS
Exploits0References1
OSV
OSV
added 2024/01/16 4:15 p.m.7 views

AZL-39541 CVE-2023-45237 affecting package hvloader for versions less than 1.0.1-3

EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

7.5CVSS6.9AI score0.00986EPSS
Exploits0References1
OSV
OSV
added 2024/01/16 4:15 p.m.5 views

AZL-39319 CVE-2023-45235 affecting package hvloader for versions less than 1.0.1-9

EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or...

8.8CVSS7.2AI score0.01213EPSS
Exploits1References1
OSV
OSV
added 2024/01/16 4:15 p.m.6 views

AZL-39355 CVE-2023-45233 affecting package hvloader for versions less than 1.0.1-9

EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

7.5CVSS6.7AI score0.02084EPSS
Exploits1References1
OSV
OSV
added 2024/01/16 4:15 p.m.5 views

AZL-39388 CVE-2023-45236 affecting package hvloader for versions less than 1.0.1-3

EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

7.5CVSS7AI score0.00986EPSS
Exploits0References1
Rows per page
Query Builder