Lucene search
K

17 matches found

Broadcom
Broadcom
added 2022/09/13 12:0 a.m.49 views

CVE-2021-3711: ASN1_STRING structure contains a buffer holding the string data

In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...

9.8CVSS1AI score0.87816EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/03/11 12:0 a.m.26 views

AlmaLinux 8 : openssl (ALSA-2021:5226)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:5226 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer...

7.4CVSS7AI score0.50445EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/23 12:0 a.m.248 views

EulerOS 2.0 SP3 : openssl (EulerOS-SA-2022-1181)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field...

7.4CVSS7AI score0.50445EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/12 12:0 a.m.275 views

EulerOS Virtualization 3.0.6.0 : openssl (EulerOS-SA-2022-1088)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an...

9.8CVSS7.3AI score0.87816EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/01/12 12:0 a.m.35 views

Juniper Junos OS Vulnerability (JSA11293)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11293 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length...

7.4CVSS7AI score0.50445EPSS
Exploits0References2
0day.today
0day.today
added 2021/11/29 12:0 a.m.469 views

opencart 3.0.3.8 - Sessjion Injection Vulnerability

Exploit Title: opencart 3.0.3.8 - Sessjion Injection Exploit Author: Hubert Wojciechowski Contact Author: email protected Company: https://redteam.pl Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/ Version: 3.0.3.8 Testeted on: Windows 10 using XAMPP,...

Exploits0
Tenable Nessus
Tenable Nessus
added 2021/09/14 12:0 a.m.40 views

SUSE SLES12 Security Update : compat-openssl098 (SUSE-SU-2021:3019-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3019-1 advisory. - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521. Tenab...

7.4CVSS7AI score0.50445EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/09/10 12:0 a.m.50 views

SUSE SLES15: libopenssl-1_0_0-devel / libopenssl10 / libopenssl1_0_0 / etc (SUSE-SU-2021:2994-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2994-1 advisory. - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521. Tenab...

7.4CVSS7AI score0.50445EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/09/10 12:0 a.m.41 views

SUSE SLED12: libopenssl-1_0_0-devel / libopenssl1_0_0 / libopenssl1_0_0-32bit / etc (SUSE-SU-2021:2995-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2995-1 advisory. - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings...

7.4CVSS7AI score0.50445EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/09/08 12:0 a.m.29 views

SUSE SLES15: libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-32bit / etc (SUSE-SU-2021:2967-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2967-1 advisory. - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521. Tenab...

7.4CVSS7AI score0.50445EPSS
Exploits0References4
ALT Linux
ALT Linux
added 2021/09/01 12:0 a.m.53 views

Security fix for the ALT Linux 10 package node version 14.17.6-alt1

Sept. 1, 2021 Vitaly Lipatov 14.17.6-alt1 - new version 14.17.6 with rpmrb script - set npm = 6.14.15 - set openssl = 1.1.1l - CVE-2021-32803, CVE-2021-32804, CVE-2021-37701, CVE-2021-37712, CVE-2021-37713, CVE-2021-39134, CVE-2021-39135...

5.8CVSS8.6AI score0.15014EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/08/25 12:0 a.m.48 views

SUSE SLES11: libopenssl1-devel / libopenssl1_0_0 / libopenssl1_0_0-32bit / etc (SUSE-SU-2021:14792-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:14792-1 advisory. This update for openssl1 fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffe...

7.4CVSS7.1AI score0.50445EPSS
Exploits0References4
OSV
OSV
added 2021/08/24 3:15 p.m.3 views

ALPINE-CVE-2021-3711

In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...

9.8CVSS7.5AI score0.87816EPSS
Exploits1References1
Prion
Prion
added 2021/08/24 3:15 p.m.47 views

Buffer overflow

In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...

7.5CVSS9.6AI score0.87816EPSS
Exploits1References16Affected Software20
Cvelist
Cvelist
added 2021/08/24 2:50 p.m.23 views

CVE-2021-3711 SM2 Decryption Buffer Overflow

In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...

9.9AI score0.87816EPSS
Exploits1References17
Debian CVE
Debian CVE
added 2021/08/24 2:50 p.m.60 views

CVE-2021-3711

In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...

9.8CVSS8.3AI score0.87816EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/08/24 12:0 a.m.66 views

Ubuntu 18.04 LTS / 20.04 LTS : OpenSSL vulnerabilities (USN-5051-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5051-1 advisory. John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2 data. A remote attacker could use this issue to cause applications usi...

9.8CVSS7AI score0.87816EPSS
Exploits1References3
Rows per page
Query Builder