Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-4358

Malware in sbrugna...

5.9CVSS6.1AI score0.01496EPSS
Exploits0References10
NVD
NVD
added 2019/04/29 3:29 p.m.24 views

CVE-2018-12384

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3...

5.9CVSS5.6AI score0.01496EPSS
Exploits0References2
Prion
Prion
added 2019/04/29 3:29 p.m.22 views

Design/Logic Flaw

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3...

4.3CVSS5.7AI score0.01496EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/04/29 3:29 p.m.32 views

CVE-2018-12384

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3...

5.9CVSS6.5AI score0.01496EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/04/29 2:22 p.m.22 views

CVE-2018-12384

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3...

5.9AI score0.01496EPSS
Exploits0References2
CVE
CVE
added 2019/04/29 2:22 p.m.251 views

CVE-2018-12384

The CVE-2018-12384 issue affects Mozilla NSS (as used by Firefox) where handling an SSLv2-compatible ClientHello uses an all-zero random value instead of a fresh one, enabling malleability and potential information leakage in TLS 1.2 on affected NSS versions prior to 3.39. The vulnerability does ...

5.9CVSS5.9AI score0.01496EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2019/04/29 2:22 p.m.23 views

CVE-2018-12384

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3...

5.9CVSS6.3AI score0.01496EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/04/29 2:22 p.m.42 views

CVE-2018-12384

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3...

5.9CVSS6.2AI score0.01496EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.20 views

Fedora 29 : ca-certificates (2018-da018e6fb9)

This is an update to Mozilla's CA certificates list version 2.26, which has been published as part of Mozilla NSS 3.39. For additional details, please refer to the NSS 3.39 release notes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS3.39 releasenotes Note that Tenable Network...

5.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.12 views

Fedora 28 : ca-certificates (2018-ff58779d1b)

This is an update to Mozilla's CA certificates list version 2.26, which has been published as part of Mozilla NSS 3.39. For additional details, please refer to the NSS 3.39 release notes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS3.39 releasenotes Note that Tenable Network...

5.4AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/09/04 12:0 a.m.24 views

CVE-2018-12384

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3...

5.9CVSS6.5AI score0.01496EPSS
Exploits0References5
Rows per page
Query Builder