CVE-2023-24903

Windows Secure Socket Tunneling Protocol SSTP Remote Code Execution Vulnerability...

Microsoft Windows Secure Socket Tunneling Protocol 竞争条件问题漏洞

The Microsoft Windows Secure Socket Tunneling Protocol is a Microsoft mechanism for encapsulating Point-to-Point Protocol PPP traffic via the HTTPS protocol, as specified in RFC1945, RFC2616, and RFC2818. This protocol enables users to access private networks using HTTPS. HTTPS can traverse most...

PT-2023-2694 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows Secure Socket Tunneling Protocol SSTP affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the implementation of the Secure Socket Tunneling Protocol SSTP in th...

Undertow: Infinite loop in SslConduit during close

A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates...

CVE-2023-30441

IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188...

OpenJDK: certificate validation issue in TLS session negotiation (8298310)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

The vulnerability in the implementation of the Secure Socket Tunneling Protocol (SSTP) on Windows operating systems allows a hacker to induce a service failure.

The vulnerability of the Secure Socket Tunneling Protocol SSTP implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Jenkins Plugin NeuVector Vulnerability Scanner 信任管理问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

CVE-2023-28241

Windows Secure Socket Tunneling Protocol SSTP Denial of Service Vulnerability...

Denial of service

Windows Secure Socket Tunneling Protocol SSTP Denial of Service Vulnerability...

CVE-2023-28241 Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability

...

Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability

...

Microsoft Windows Secure Socket Tunneling Protocol 安全漏洞

The Microsoft Windows Secure Socket Tunneling Protocol is a Microsoft mechanism for encapsulating Point-to-Point Protocol PPP traffic via the HTTPS protocol, as specified in RFC1945, RFC2616, and RFC2818. This protocol enables users to access private networks using HTTPS. HTTPS can traverse most...

PT-2023-2434 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows versions affected versions not specified Description: The issue is related to the implementation of the Secure Socket Tunneling Protocol SSTP in Windows operating systems, which is associated with insufficient input validation. This c...

Fortinet FortiOS 缓冲区错误漏洞

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam. A security vulnerabili...

SUSE CVE-2005-0237

The International Domain Name IDN support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing...

SUSE CVE-2006-3738

Buffer overflow in the SSLgetsharedciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers...

SUSE CVE-2007-5195

Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5196...

SUSE CVE-2012-6093

The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which causes Qt to report an incorrect error when certificate validation fai...

SUSE CVE-2013-6491

The python-qpid client common/rpc/implqpid.py in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpidprotocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network...