Lucene search
K

13 matches found

Veracode
Veracode
added 2023/11/27 7:58 a.m.21 views

Denial Of Service (DoS)

org.bouncycastle: bcprov is vulnerable to Denial of Service DoS. The vulnerability arises due to parsing certificates in the PEMParser class. This class is responsible for parsing X.509 certificates, encoded keys and PKCS7 objects. The parser can throw an OutOfMemoryError while parsing crafted...

5.5CVSS7AI score0.00932EPSS
Exploits1References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2022/07/01 12:0 a.m.36 views

RHEL 8 : compat-openssl10 (RHSA-2022:5326)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:5326 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

7.5CVSS7.1AI score0.70561EPSS
Exploits2References5
Oracle linux
Oracle linux
added 2022/03/29 12:0 a.m.61 views

openssl security update

1:1.0.2k-25 - Fixes CVE-2022-2078 Infinite loop in BNmodsqrt reachable when parsing certificates - Related: rhbz2067160...

7.5CVSS2.9AI score0.70561EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/03/29 12:0 a.m.47 views

RHEL 7 : openssl (RHSA-2022:1077)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1077 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

7.5CVSS7.1AI score0.70561EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2022/03/29 12:0 a.m.248 views

RHEL 8 : openssl (RHSA-2022:1091)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1091 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

7.5CVSS7.1AI score0.70561EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2022/03/28 1:53 p.m.61 views

Important: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7AI score0.70561EPSS
Exploits2References2
Mageia
Mageia
added 2022/03/23 8:36 a.m.61 views

Updated openssl packages fix security vulnerability

Infinite loop in BNmodsqrt reachable when parsing certificates. CVE-2022-0778...

7.5CVSS3.1AI score0.70561EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/03/23 12:0 a.m.470 views

Oracle Linux 8 : openssl (ELSA-2022-9233)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9233 advisory. 1:1.1.1k-5.0.1 - fix CVE-2022-0778 - possible infinite loop in BNmodsqrt Orabug: 33974871 Tenable has extracted the preceding description block directly from th...

7.5CVSS7AI score0.70561EPSS
Exploits2References2
Cvelist
Cvelist
added 2022/03/15 5:5 p.m.44 views

CVE-2022-0778 Infinite loop in BN_mod_sqrt() reachable when parsing certificates

The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

7.6AI score0.70561EPSS
Exploits2References29
RustSec
RustSec
added 2022/03/15 12:0 p.m.87 views

Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates

The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

7.5CVSS7.8AI score0.70561EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/09/23 12:0 a.m.49 views

Debian DSA-3673-1 : openssl - security update

Several vulnerabilities were discovered in OpenSSL : - CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-p ointer-arithmetic/ - CVE-2016-2178 Cesar Pereida, Billy...

9.8CVSS7.4AI score0.95707EPSS
Exploits8References25
Veeam
Veeam
added 2013/09/05 12:0 a.m.17 views

Error installing BEM – System.IndexOutOfRangeException: Index was outside the bounds of the array

Challenge Cause As indicated by this line in the error message "VmEMSetup.Dialogs.VMEMDialogAddConfig.EnumSSLCertificates", there is an issue parsing certificates with an empty Subject field, and they will need to be removed. The offending certificates are not self-signed because they are generat...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2006/01/09 11:0 a.m.29 views

CVE-2006-0120

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service application crash via multiple vectors, involving 1 a malformed message sent to an "Out Of Office" agent SPR LPEE6DMQWJ, 2 the compact command RTIN5U2SAJ, 3 malforme...

6.8AI score0.01644EPSS
Exploits0References17
Rows per page
Query Builder