Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/08 12:0 a.m.125 views

OpenSSL 3.1.0 < 3.1.6 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.1.6 advisory. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the function...

7.5CVSS7.2AI score0.54026EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/04/08 12:0 a.m.123 views

OpenSSL 3.2.0 < 3.2.2 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.2.2. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.2.2 advisory. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the function...

7.5CVSS7.2AI score0.54026EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/04/08 12:0 a.m.187 views

OpenSSL 1.1.1 < 1.1.1y Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.1y. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.1y advisory. - Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impac...

7.5CVSS7.4AI score0.54026EPSS
Exploits0References4
OpenSSL
OpenSSL
added 2015/03/19 12:0 a.m.32 views

Vulnerability in OpenSSL - Empty CKE with client auth and DHE

Empty CKE with client auth and DHE. If client auth is used then a server can seg fault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. Found by Matt Caswell OpenSSL development team...

6.3AI score0.07352EPSS
Exploits0Affected Software1
OpenSSL
OpenSSL
added 2015/03/10 12:0 a.m.41 views

Vulnerability in OpenSSL - Handshake with unseeded PRNG

Under certain conditions an OpenSSL 1.0.2 client can complete a handshake with an unseeded PRNG. If the handshake succeeds then the client random that has been used will have been generated from a PRNG with insufficient entropy and therefore the output may be predictable. Found by Matt Caswell...

6.4AI score0.05745EPSS
Exploits0Affected Software1
Rows per page
Query Builder