Unspecified Vulnerability in Oracle SOA Suite Fabric Layer Subcomponent

Oracle SOA Suite is a comprehensive, hot-pluggable software suite for building, deploying, and managing service-oriented architectures SOA. A security vulnerability exists in the Oracle SOA Suite Fabric Layer subcomponent that could be exploited by remote attackers to compromise system...

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. This flaw allows a man-in-the-middle MITM attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

CVE-2015-0414

Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer...

CVE-2015-0414

Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer...

Design/Logic Flaw

Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer...

CVE-2015-0414

Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer...

CVE-2015-0414

CVE-2015-0414 describes an unspecified vulnerability in the Oracle SOA Suite Fabric Layer subcomponent within Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0. The issue permits remote authenticated users to affect confidentiality via unknown vectors related to the Fabric Layer. Connected records c...

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. This flaw allows a man-in-the-middle MITM attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

[SECURITY] [DSA 3125-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3125-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 11, 2015 http://www.debian.org/security/faq -...

DEBIAN-CVE-2015-0564

Buffer underflow in the ssldecryptrecord function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service application crash via a crafted packet that is improperly handled during decryption of an SSL...

UBUNTU-CVE-2015-0564

Buffer underflow in the ssldecryptrecord function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service application crash via a crafted packet that is improperly handled during decryption of an SSL...

DEBIAN-CVE-2014-3572

The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message...

Wireshark TLS/SSL Decryption Denial of Service Vulnerability

Wireshark is an open source network protocol analysis tool. A denial of service vulnerability exists in Wireshark TLS/SSL because it fails to properly handle certain types of packets. An attacker could exploit this vulnerability to crash the affected application and deny service to legitimate use...

OpenSSL no-ssl3 option null pointer reference vulnerability

OpenSSL is an open source SSL implementation used to implement strong encryption for network communications. A null pointer reference vulnerability exists in the OpenSSL no-ssl3 option, when OpenSSL is built with the no-ssl3 option, the SSL mode is set to NULL when SSL v3 ClientHello is received,...

McAfee Email Gateway - Three SSLv3 Vulnerabilities

McAfee Email Gateway is vulnerable to one or more of the three Open Secure Sockets Layer OpenSSL 3.0 SSLv3 vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. This flaw allows a man-in-the-middle MITM attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. This flaw allows a man-in-the-middle MITM attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

IBM Security Access Manager Information Disclosure Vulnerability (CNVD-2014-09199)

IBM Security Access Manager software is a highly scalable user authentication, authorization and Web SSO solution for implementing security policies on a variety of Web and application resources, centralized management of online portals. An information disclosure vulnerability exists in IBM...

[SECURITY] Fedora 19 Update: libuv-0.10.29-1.fc19

libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all plat form differences in this library...

[SECURITY] Fedora 20 Update: libuv-0.10.29-1.fc20

libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all plat form differences in this library...