Lucene search
K

27 matches found

OSV
OSV
added 2024/04/03 3:15 a.m.3 views

DEBIAN-CVE-2024-28755

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtlssslsessionreset API, the maximum TLS version to be negotiated was not restored to the configured one. An attacker was able to prevent an Mbed TLS server from establishing any TLS 1.3 connection,...

6.5CVSS5.4AI score0.00403EPSS
Exploits0References1
OSV
OSV
added 2024/04/03 3:15 a.m.3 views

UBUNTU-CVE-2024-28755

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtlssslsessionreset API, the maximum TLS version to be negotiated was not restored to the configured one. An attacker was able to prevent an Mbed TLS server from establishing any TLS 1.3 connection,...

6.5CVSS5.8AI score0.00403EPSS
Exploits0References6
OSV
OSV
added 2024/01/21 11:15 p.m.2 views

UBUNTU-CVE-2023-52353

An issue was discovered in Mbed TLS through 3.5.1. In mbedtlssslsessionreset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum...

7.5CVSS5.8AI score0.00468EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/01/21 12:0 a.m.4 views

PT-2024-14545 · Mbed Tls +1 · Mbed Tls +1

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions through 3.5.1 Description: An issue was discovered in the mbedtls ssl session reset function, where the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes t...

9.8CVSS6.1AI score0.0112EPSS
Exploits2References26
CNNVD
CNNVD
added 2021/01/26 12:0 a.m.4 views

ProjectSend Security Vulnerability

ProjectSend formerly cFTP is a suite of self-hosted applications based on PHP and MySQL. ProjectSend before r1295 suffers from a security vulnerability that incorrectly resets passwords due to faulty business logic...

7.5CVSS7.1AI score0.02351EPSS
Exploits2References6
OSV
OSV
added 2019/10/18 9:15 p.m.3 views

UBUNTU-CVE-2019-18197

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be...

7.5CVSS7.1AI score0.04446EPSS
Exploits0References6
OSV
OSV
added 2018/08/09 8:29 p.m.4 views

ALPINE-CVE-2018-10915

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side...

7.5CVSS7.4AI score0.05154EPSS
Exploits0References1
Rows per page
Query Builder