91 matches found
Eclipse Jetty Security Vulnerability
Eclipse Jetty is an open source, Java-based Web server and Java Servlet container from the Eclipse Foundation. A security vulnerability exists in Eclipse Jetty, which stems from a pooled ByteBuffer that is not freed by SslConnection, and affects the following products and versions: versions 10.0....
SSL VPN Code Issue Vulnerability
SSL VPN is a new VPN technology that uses the SSL protocol for remote access. It includes: server authentication, client authentication, data integrity over the SSL link and data confidentiality over the SSL link. A code issue vulnerability exists in SSL VPN that stems from the product's failure ...
Stormshield Network Security Access Control Error Vulnerability
Stormshield Network Security is a next-generation UTM (Unified Threat Management) firewall from the French company Stormshield. A security vulnerability in Stormshield 1.1.0 and 2.1.0 through 2.9.0 could allow an attacker to block client access to the VPN and gain access to sensitive information...
ARM mbed TLS Security Vulnerability
ARM mbed TLS is a product from ARM UK that provides secure communication and encryption for mbed products. A security vulnerability exists in ARM mbed TLS versions prior to 2.24.0, which stems from a lack of clearing of the plaintext buffer in mbedtls_ssl_read to erase unused application data from...
Cisco Firepower Threat Defense Input Validation Error Vulnerability
Cisco Firepower Threat Defense (FTD) is unified software that provides next-generation firewall services. A denial-of-service vulnerability exists in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense, which can be exploited by an attacker to cause a process crash by sendi...
AZL-45213 CVE-2021-31597 affecting package js-jquery 3.5.0-4
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected...
puppet-agent: Puppet Agent does not properly verify SSL connection when downloading a CRL
A flaw was found in Puppet, where the Puppet Agent did not verify the peer in the SSL connection before downloading the Certificate Revocation List (CRL). The primary risk is the availability of communications to computing systems and not Puppet itself. This flaw allows an attacker to submit a...
Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
...
Error: "Invalid Certificate" When Installing SSL Certificate on ADC Appliance
When attempting to install a Secure Socket Layer (SSL) certificate on an ADC appliance, the process fails with error "invalid certificate"...
undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS
A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial of Service (DoS) to make the service unavailable on SSL...
Types of NetScaler and NetScaler Gateway Licenses
This article describes the types of licenses available for NetScaler and NetScaler Gateway appliances. NetScaler licenses are assigned to physical MPX and virtual VPX appliances. Logical SDX appliances require licenses for each physical appliance and each virtual instance. Refer to NetScaler...
Milesight IP security cameras trust management issue vulnerability (CNVD-2019-40063)
Milesight IP security cameras are IP camera products from China Pulse Digital Technology (Milesight). A security vulnerability exists in Milesight IP security cameras version 2016-11-14 and earlier, which stems from a hardcoded SSL private key stored in the /etc/config directory. No details of the...
Cisco Firepower Threat Defense Input Validation Vulnerability
Cisco Firepower Threat Defense (FTD) is a suite of unified software from the U.S. company Cisco that provides next-generation firewall services. An input validation vulnerability exists in the detection engine in Cisco FTD, which can be exploited by a remote attacker to cause a denial of...
CVE-2018-15317
In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to an SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the...
+Message App Unable to Validate SSL Server Certificate Vulnerability
+Message App is an APP application. +Message App is unable to validate SSL server certificates, and a man-in-the-middle attack may allow an attacker to eavesdrop on encrypted communications...
PT-2018-8796 · Cisco · Cisco Firepower System +1
Name of the Vulnerable Software and Affected Versions: Cisco Firepower System Software (affected versions not specified). Description: A vulnerability in the detection engine could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory, slowing...
USN-3692-2: OpenSSL vulnerabilities
USN-3692-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and...
The vulnerability of the implementation library for the Transport Layer Security protocol of Cisco’s microprogrammable network interface devices allows an attacker to induce a service failure.
The vulnerability of the implementation library for the Transport Layer Security (TLS) protocol in Cisco’s micro-programmed network interface devices exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending...
CVE-2016-5298
A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox 50...
T.JOY KINEPASS App for Android and iOS SSL Server Certificate Vulnerability
T.JOY KINEPASS App for Android is an Android-based application for booking and purchasing movie tickets online from T.JOY Japan. KINEPASS App for iOS is its iOS-based version. A security vulnerability exists in T.JOY KINEPASS App 3.1.1 and earlier versions for Android and KINEPASS App 3.1.2 and...