CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

219 matches found

Tenable Nessus•added 2018/11/09 12:0 a.m.•36 views

Ubuntu 16.04 LTS : pyOpenSSL vulnerabilities (USN-3813-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3813-1 advisory. It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to cras...

8.1CVSS6.5AI score0.04075EPSS

Exploits0References3

Ubuntu•added 2018/11/08 1:28 p.m.•392 views

USN-3813-1: pyOpenSSL vulnerabilities

It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-1000807 It was discovered that pyOpenSSL incorrectly handled...

8.1CVSS6.3AI score0.04075EPSS

Exploits0

RedhatCVE•added 2018/10/17 3:20 p.m.•23 views

CVE-2018-1000807

Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on...

8.1CVSS5.7AI score0.04075EPSS

Exploits0References1

OSV•added 2018/10/10 4:10 p.m.•28 views

GHSA-P28M-34F6-967Q PyOpenSSL Use-After-Free vulnerability

It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. This attack appears to be exploitable via Depends on the calling...

8.1CVSS8.5AI score0.04075EPSS

Exploits0References8

vulnersOsv•added 2018/10/10 4:10 p.m.•2 views

burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000807 via pyopenssl (>=16.0.0 <=17.4.0)

pyopenssl PYPI version =16.0.0, =0.4.1, =1.2.1.20160901, =0.9.5, =0.2.10.3, =2.2.0, =0.5.0, =0.3.0, =0.2.4, =0.9.2, =0.9.7, =1.9.5, =1.1.1, =1.3.0 and more Source cves: CVE-2018-1000807 Source advisory: OSV:GHSA-P28M-34F6-967Q...

8.1CVSS6.5AI score0.04075EPSS

Exploits0

Github Security Blog•added 2018/10/10 4:10 p.m.•30 views

PyOpenSSL Use-After-Free vulnerability

It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. This attack appears to be exploitable via Depends on the calling...

8.1CVSS8.5AI score0.04075EPSS

Exploits0References8Affected Software1

vulnersOsv•added 2018/10/10 4:10 p.m.•3 views

burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000808 via pyopenssl (>=16.0.0 <=17.4.0)

5.9CVSS6.2AI score0.01895EPSS

Exploits0

OSV•added 2018/10/10 4:10 p.m.•19 views

GHSA-2RCM-PHC9-3945 Pyopenssl Incorrect Memory Management

It was discovered that pyOpenSSL incorrectly handled memory when performing operations on a PKCS 12 store. A remote attacker could possibly use this issue to cause pyOpenSSL to consume resources, resulting in a denial of service. This attack appear to be exploitable via Depends upon calling...

8.2CVSS6.7AI score0.01895EPSS

Exploits0References9

Github Security Blog•added 2018/10/10 4:10 p.m.•21 views

Pyopenssl Incorrect Memory Management

5.9CVSS6.1AI score0.01895EPSS

Exploits0References8Affected Software1

Veracode•added 2018/10/09 5:28 a.m.•24 views

Remote Code Execution (RCE)

pyopenssl is vulnerable to remote code execution. A Use-After-Free UAF vulnerability exists in the X509 object handling which can be remotely exploited to cause a denial of service condition or execute arbitrary code...

8.1CVSS8.4AI score0.04075EPSS

Exploits0References5Affected Software1

Veracode•added 2018/10/09 5:15 a.m.•17 views

Denial Of Service (DoS)

pyopenssl is vulnerable to denial of service DoS attacks. The vulnerability exists due to the lack of releasing the memory of the PKCS 12 Store where reloading certificates from the PKCS 12 store could cause a DoS attack...

5.9CVSS6.4AI score0.01895EPSS

Exploits0References5Affected Software1

vulnersOsv•added 2018/10/08 3:29 p.m.•2 views

burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000807 via pyopenssl (>=16.0.0 <=17.4.0)

8.1CVSS6.5AI score0.04075EPSS

Exploits0

NVD•added 2018/10/08 3:29 p.m.•15 views

CVE-2018-1000807

8.1CVSS8.5AI score0.04075EPSS

Exploits0References5

NVD•added 2018/10/08 3:29 p.m.•16 views

CVE-2018-1000808

Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS 12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends...

5.9CVSS6.7AI score0.01895EPSS

Exploits0References4

vulnersOsv•added 2018/10/08 3:29 p.m.•4 views

burp-ui (>=0.4.1 <=0.5.1), certbot-pinned (=0.17.0) +82 more potentially affected by CVE-2018-1000808 via pyopenssl (>=16.0.0 <=17.4.0)

5.9CVSS6.2AI score0.01895EPSS

Exploits0

OSV•added 2018/10/08 3:29 p.m.•2 views

DEBIAN-CVE-2018-1000807

8.1CVSS7.7AI score0.04075EPSS

Exploits0References1

OSV•added 2018/10/08 3:29 p.m.•18 views

CVE-2018-1000807