Lucene search
K

277 matches found

OSV
OSV
added 2014/11/26 12:0 a.m.4 views

UBUNTU-CVE-2014-9087

Integer underflow in the ksbaoidtostr function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service crash via a crafted OID in a 1 S/MIME message or 2 ECC based OpenPGP data, which triggers a buffer overflow...

7.5CVSS7.6AI score0.05167EPSS
Exploits0References5
OSV
OSV
added 2014/06/10 2:55 p.m.2 views

DEBIAN-CVE-2014-3465

The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...

5CVSS6.6AI score0.06783EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/05/05 12:0 a.m.23 views

openSUSE Security Update : libsmi (openSUSE-SU-2011:0011-1)

This update fixes a buffer overflow the smiGetNode function in libsmi. It allowed context-dependent attackers to execute arbitrary code via an Object Identifier. CVE-2010-2891: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P: Buffer Errors CWE-119 %NASLMINLEVEL 70300 C Tenable Network...

7.5CVSS5.9AI score0.14035EPSS
Exploits4References3
OSV
OSV
added 2010/10/28 12:0 a.m.4 views

CVE-2010-2891

Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier aka OID represented as a numerical string containing many components separated by . dot characters...

7.5CVSS7.4AI score0.14035EPSS
Exploits4References21
OSV
OSV
added 2010/10/28 12:0 a.m.2 views

DEBIAN-CVE-2010-2891

Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier aka OID represented as a numerical string containing many components separated by . dot characters...

7.5CVSS8.2AI score0.14035EPSS
Exploits4References1
OSV
OSV
added 2010/10/28 12:0 a.m.5 views

AZL-7272 CVE-2010-2891 affecting package libsmi for versions less than 0.4.8-27

Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier aka OID represented as a numerical string containing many components separated by . dot characters...

7.5CVSS6.2AI score0.14035EPSS
Exploits4References1
Prion
Prion
added 2010/10/28 12:0 a.m.12 views

Buffer overflow

Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier aka OID represented as a numerical string containing many components separated by . dot characters...

7.5CVSS8.1AI score0.14035EPSS
Exploits4References18Affected Software1
UbuntuCve
UbuntuCve
added 2010/10/28 12:0 a.m.50 views

CVE-2010-2891

Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier aka OID represented as a numerical string containing many components separated by . dot characters...

7.5CVSS6.2AI score0.14035EPSS
Exploits4References1
Debian CVE
Debian CVE
added 2010/10/27 10:0 p.m.25 views

CVE-2010-2891

Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier aka OID represented as a numerical string containing many components separated by . dot characters...

7.5CVSS7.4AI score0.14035EPSS
Exploits4
Exploit DB
Exploit DB
added 2010/10/20 12:0 a.m.52 views

LibSMI smiGetNode - Buffer Overflow When Long OID Is Given In Numerical Form

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ LibSMI smiGetNode Buffer Overflow When Long OID Is Given In Numerical Form 1. Advisory Information Title: LibSMI smiGetNode Buffer Overflow When Long OID Is Given In...

7.5CVSS6.3AI score0.14035EPSS
Exploits4
NVD
NVD
added 2009/10/14 10:30 a.m.33 views

CVE-2009-2511

Integer overflow in the CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows man-in-the-middle attackers to spoof arbitrary SSL servers and other entities v...

7.5CVSS6.6AI score0.12959EPSS
Exploits1References3
Prion
Prion
added 2009/10/14 10:30 a.m.33 views

Integer overflow

Integer overflow in the CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows man-in-the-middle attackers to spoof arbitrary SSL servers and other entities v...

7.5CVSS7.1AI score0.12959EPSS
Exploits1References3
Cvelist
Cvelist
added 2009/10/14 10:0 a.m.40 views

CVE-2009-2511

Integer overflow in the CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows man-in-the-middle attackers to spoof arbitrary SSL servers and other entities v...

6.6AI score0.12959EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2009/10/14 12:0 a.m.37 views

Microsoft Windows CryptoAPI X.509 Spoofing Vulnerabilities (974571)

This host is missing a critical security update according to Microsoft Bulletin MS09-056. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS5AI score0.12959EPSS
Exploits2References5
securityvulns
securityvulns
added 2004/06/23 12:0 a.m.42 views

GNU RADIUS SNMP DoS

SNMP packet with invalid oid causes server to crash...

2.4AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.19 views

CVE-2001-1321

Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite...

7.6AI score0.05796EPSS
Exploits0References5
NVD
NVD
added 2001/07/16 4:0 a.m.16 views

CVE-2001-1321

Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite...

7.5CVSS7.6AI score0.05796EPSS
Exploits0References5
Rows per page
Query Builder