147 matches found
CVE-2022-36765 affecting package hvloader for versions less than 1.0.1-3
CVE-2022-36765 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...
CVE-2022-36763 affecting package hvloader for versions less than 1.0.1-3
CVE-2022-36763 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...
CVE-2023-45236 affecting package hvloader for versions less than 1.0.1-3
CVE-2023-45236 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...
CVE-2022-36764 affecting package hvloader for versions less than 1.0.1-3
CVE-2022-36764 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...
CVE-2024-1298 affecting package hvloader for versions less than 1.0.1-3
CVE-2024-1298 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...
AZL-42337 CVE-2024-1298 affecting package hvloader for versions less than 1.0.1-3
EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a loss of Availability...
AZL-47684 CVE-2024-4603 affecting package hvloader for versions less than 1.0.1-6
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...
CVE-2022-4304 affecting package hvloader for versions less than 1.0.1-2
CVE-2022-4304 affecting package hvloader for versions less than 1.0.1-2. A patched version of the package is available...
CVE-2023-0215 affecting package hvloader for versions less than 1.0.1-2
CVE-2023-0215 affecting package hvloader for versions less than 1.0.1-2. A patched version of the package is available...
CVE-2022-4450 affecting package hvloader for versions less than 1.0.1-2
CVE-2022-4450 affecting package hvloader for versions less than 1.0.1-2. A patched version of the package is available...
CVE-2023-0286 affecting package hvloader for versions less than 1.0.1-2
CVE-2023-0286 affecting package hvloader for versions less than 1.0.1-2. A patched version of the package is available...
AZL-47670 CVE-2023-6237 affecting package hvloader for versions less than 1.0.1-6
Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...
AZL-47649 CVE-2024-2511 affecting package hvloader for versions less than 1.0.1-6
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...
AZL-47703 CVE-2024-28960 affecting package hvloader for versions less than 1.0.1-6
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...
AZL-47697 CVE-2024-23170 affecting package hvloader for versions less than 1.0.1-6
An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, a...
AZL-47655 CVE-2024-23775 affecting package hvloader for versions less than 1.0.1-6
Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service DoS via mbedtlsx509setextension...
AZL-39541 CVE-2023-45237 affecting package hvloader for versions less than 1.0.1-3
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...
AZL-39319 CVE-2023-45235 affecting package hvloader for versions less than 1.0.1-9
EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or...
AZL-39355 CVE-2023-45233 affecting package hvloader for versions less than 1.0.1-9
EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...
AZL-39388 CVE-2023-45236 affecting package hvloader for versions less than 1.0.1-3
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...