Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.17 views

CVE-2026-45446 Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's...

5.7AI score0.0021EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2021/08/11 6:21 p.m.2 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/06/11 9:3 a.m.3 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/06/10 7:23 p.m.2 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/23 8:13 p.m.6 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/12 5:0 p.m.3 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/04/19 4:23 p.m.3 views

netty: Infinite loop vulnerability when handling renegotiation using SslProvider.OpenSsl

An infinite-loop vulnerability was discovered in Netty's OpenSslEngine handling of renegotiation. An attacker could exploit this flaw to cause a denial of service. Note: Netty is only vulnerable if renegotiation is enabled default setting...

7.8CVSS6.6AI score0.11259EPSS
Exploits0References4
Rows per page
Query Builder