Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2698

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.01026EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2022/05/04 12:0 a.m.56 views

FreeBSD : OpenSSL -- Multiple vulnerabilities (fceb2b08-cb76-11ec-a06f-d4c9ef517024)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fceb2b08-cb76-11ec-a06f-d4c9ef517024 advisory. - The crehash script does not properly sanitise shell metacharacters to prevent command...

10CVSS7.4AI score0.83223EPSS
Exploits5References6
OSV
OSV
added 2022/05/03 4:15 p.m.41 views

CVE-2022-1434

The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipie...

5.9CVSS3.6AI score
Exploits0References4
Prion
Prion
added 2022/05/03 4:15 p.m.26 views

Design/Logic Flaw

The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipie...

4.3CVSS7.2AI score0.01026EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/03 12:0 p.m.24 views

RUSTSEC-2022-0026 Incorrect MAC key used in the RC4-MD5 ciphersuite

The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipie...

5.9CVSS7.3AI score0.01026EPSS
Exploits0References3
Rows per page
Query Builder