Design/Logic Flaw
The Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.2S, 3.13 before 3.13.1S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via malformed (1) IPv4 or (2) IPv6 packets, aka B...
USN-2547-1 mono vulnerabilities
It was discovered that the Mono TLS implementation was vulnerable to the SKIP-TLS vulnerability. A remote attacker could possibly use this issue to perform client impersonation attacks. (CVE-2015-2318) It was discovered that the Mono TLS implementation was vulnerable to the FREAK vulnerability. A...
openssl: invalid pointer use in ASN1_TYPE_cmp()
An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application...
openssl: assertion failure in SSLv2 servers
A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled...
Moderate: Red Hat Security Advisory: openssl security update
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available...
OpenDaylight l2switch Security Bypass Vulnerability
OpenDaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security bypass vulnerability exists in...
PT-2016-1330 · Openssl +6 · Openssl +7
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.8zf; OpenSSL versions prior to 1.0.0r; OpenSSL versions prior to 1.0.1m; OpenSSL versions prior to 1.0.2a. Description: The issue allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS...
PT-2016-1366 · Openssl +6 · Openssl +7
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.8zf; OpenSSL versions 1.0.0 prior to 1.0.0r; OpenSSL versions 1.0.1 prior to 1.0.1m; OpenSSL versions 1.0.2 prior to 1.0.2a. Description: The issue is related to the get client master key function in the SSLv2...
Python Restkit TLS Certificate Validation Security Bypass Vulnerability
Python is an object-oriented, straightforward computer programming language. A security vulnerability exists in Python Restkit TLS certificate validation. This allows attackers to exploit the vulnerability to obtain sensitive information via a man-in-the-middle attack...
UBUNTU-CVE-2015-2320
The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback...
Wireshark LLDP Dissector Denial of Service Vulnerability
Wireshark is an open source network protocol analysis tool. The Wireshark LLDP parser epan/proto.c function fails to properly handle integer data types, allowing an attacker to exploit the vulnerability by submitting a special message to crash the application...
Unspecified Vulnerability in Secure Transport for Multiple Apple Products
Apple iOS, Apple TV, and Apple OS X are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Apple TV is a high-definition television set-top box; and Apple OS X is a specialized operating system developed for Mac computers. A security vulnerability exists in Secu...
Microsoft Secure Channel Man-in-the-Middle Security Bypass Vulnerability
Microsoft Windows is a popular operating system. Microsoft Secure Channel in Windows fails to properly restrict TLS state transitions, allowing attackers to exploit vulnerabilities to submit special TLS communications for FREAK attacks that can drop the encryption level to EXPORT_RSA encryption,...
CXF: SSL hostname verification bypass, incomplete CVE-2012-5783 fix
It was found that the fix for CVE-2012-5783 was incomplete: the code added to check that the server host name matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially...
UBUNTU-CVE-2015-2190
epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector...
Moderate: Red Hat Security Advisory: ipa security, bug fix, and enhancement update
Updated ipa packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...
SSL/TLS Cryptographic Degradation Man-in-the-Middle Hijacking Vulnerability
SSL/TLS is a cryptographic application. SSL/TLS has a security vulnerability that can lead to an attack known as FREAK (Factoring RSA Export Keys), which can be exploited by an attacker to reduce the level of encryption and decrypt communications through a man-in-the-middle attack...
foreman-proxy: failure to verify SSL certificates
It was discovered that foreman-proxy, when running in SSL-secured mode, did not correctly verify SSL client certificates. This could permit any client with access to the API to make requests and perform actions otherwise restricted...
[SECURITY] Fedora 21 Update: libuv-0.10.34-1.fc21
libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all platform differences in this library...
Komodia SDK for Komodia Redirector with SSL Digestor Encryption Issue Vulnerability
Komodia SDK for Komodia Redirector with SSL Digestor is a suite of redirection platform tools for executing data using SSL encryption and dynamic SSL decryption from Komodia, Israel. The Komodia SDK for Komodia Redirector with SSL Digestor suffers from a cryptographic issue vulnerability that...