Lucene search
K

41 matches found

redhatcve
redhatcve
added 2026/01/07 9:38 a.m.9 views

CVE-1999-0835

Denial of service in BIND named via malformed SIG records...

10CVSS6.9AI score0.01456EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-3820

Malware in sbrugna...

2.1CVSS6.8AI score0.04623EPSS
Exploits8References28
nessus
nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2009-0130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/crypto/csrc/cryptodrv.c in erlang does not properly check the return value from the OpenSSL DSAdoverify function, which might allow remote attackers to bypa...

7.5CVSS5.7AI score0.0122EPSS
Exploits1References2
nessus
nessus
added 2024/06/03 12:0 a.m.57 views

RHEL 4 : bind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bind: deleted domain name resolving flaw CVE-2012-1033 - bind: malformed signature records for DNAME...

8.6CVSS7.8AI score0.91284EPSS
Exploits20References8
nessus
nessus
added 2024/06/03 12:0 a.m.29 views

RHEL 8 : nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nss: Cache side-channel variant of the Bleichenbacher attack CVE-2018-12404 - nss: Information exposure...

6.5CVSS6.8AI score0.84424EPSS
Exploits0References4
nessus
nessus
added 2024/05/11 12:0 a.m.33 views

RHEL 8 : nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nss: Cache side-channel variant of the Bleichenbacher attack CVE-2018-12404 - In Network Security Service...

6.5AI score0.44398EPSS
Exploits0References2
veracode
veracode
added 2024/01/30 6:59 p.m.53 views

Protection Mechanism Failure

dotnet is vulnerable to Protection Mechanism Failure. The vulnerability is due to improper validation of X.509 certificates, allowing an attacker to submit a certificate containing a malformed signature which returns an incorrect failure code. While the certificate will be correctly rejected, an...

9.8CVSS9.3AI score0.02778EPSS
Exploits0References6Affected Software7
susecve
susecve
added 2023/02/15 6:7 a.m.4 views

SUSE CVE-2008-3834

The dbussignaturevalidate function in the D-bus library libdbus before 1.2.4 allows remote attackers to cause a denial of service application abort via a message containing a malformed signature, which triggers a failed assertion error...

2.1CVSS6.9AI score0.04623EPSS
Exploits8References7
ivanti
ivanti
added 2023/02/14 7:22 a.m.20 views

JSA10396 - Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) - OpenSSL - Incorrect checks for malformed signatures on DSA and ECDSA keys used with SSL/TLS on backend servers. CVE-2008-5077.

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Several functions inside OpenSSL incorrectly checked the result after calling the EVPVerifyFinal function, allowing a malformed signature to be treated as a good signature rather than ...

5.8CVSS6.8AI score0.05146EPSS
Exploits1
redhat
redhat
added 2022/11/22 3:4 p.m.4 views

bind: memory leaks in EdDSA DNSSEC verification code

A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in...

7.5CVSS7.2AI score0.02176EPSS
Exploits0References5
nessus
nessus
added 2022/11/17 12:0 a.m.57 views

Rocky Linux 8 : bind9.16 (RLSA-2022:6781)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:6781 advisory. - By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to...

7.5CVSS7AI score0.02299EPSS
Exploits0References7
redhat
redhat
added 2022/10/04 3:40 p.m.4 views

bind: memory leaks in EdDSA DNSSEC verification code

A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in...

7.5CVSS7.2AI score0.02176EPSS
Exploits0References5
redhat
redhat
added 2022/10/04 3:38 p.m.7 views

bind: memory leak in ECDSA DNSSEC verification code

A flaw was found in the Bind package. By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak, resulting in crashing the program...

7.5CVSS7.1AI score0.02299EPSS
Exploits0References5
redhat
redhat
added 2022/10/03 4:4 p.m.9 views

bind: memory leaks in EdDSA DNSSEC verification code

A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in...

7.5CVSS7.2AI score0.02176EPSS
Exploits0References5
redhat
redhat
added 2022/10/03 3:35 p.m.8 views

bind: memory leak in ECDSA DNSSEC verification code

A flaw was found in the Bind package. By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak, resulting in crashing the program...

7.5CVSS7.1AI score0.02299EPSS
Exploits0References5
redhat
redhat
added 2022/10/03 3:30 p.m.6 views

bind: memory leaks in EdDSA DNSSEC verification code

A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in...

7.5CVSS7.2AI score0.02176EPSS
Exploits0References5
redhatcve
redhatcve
added 2022/09/21 1:19 p.m.45 views

CVE-2022-38178

A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in...

7.5CVSS2.1AI score0.02176EPSS
Exploits0References4
osv
osv
added 2022/09/21 11:15 a.m.6 views

AZL-39986 CVE-2022-38177 affecting package dhcp for versions less than 4.4.3-2

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...

7.5CVSS7.2AI score0.02299EPSS
Exploits0References1
nessus
nessus
added 2021/03/10 12:0 a.m.31 views

EulerOS Virtualization 3.0.2.6 : nss (EulerOS-SA-2021-1416)

According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multipl...

7.5CVSS6.5AI score0.03854EPSS
Exploits0References3
osv
osv
added 2020/10/22 9:15 p.m.12 views

CVE-2018-18508

In Network Security Services NSS before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service...

6.5CVSS7.7AI score
Exploits0References4
Rows per page
Query Builder