Lucene search
K

17 matches found

CNNVD
CNNVD
added 2026/04/09 12:0 a.m.6 views

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. Versions of wolfSSL prior to 5.9.0 contained a security vulnerability caused by integer underflow. This vulnerability could allow...

6.5CVSS5.8AI score0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/20 3:37 a.m.30 views

CVE-2026-32941 Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports

Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...

7.1CVSS0.00298EPSS
Exploits1References1
OSV
OSV
added 2025/11/22 7:34 a.m.2 views

SUSE-SU-2025:4160-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.29 fixes various security issues The following security issues were fixed: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882. - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd...

7.8CVSS6.7AI score0.00178EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/10/15 2:11 p.m.9 views

CVE-2025-55083 Broken bounds check in Broken bounds check in _nx_secure_tls_process_clienthello_psk_extension()

In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read...

6.9CVSS0.00229EPSS
Exploits0References1
Amazon
Amazon
added 2025/07/30 12:0 a.m.8 views

Important: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15,...

8.6CVSS6.8AI score0.01058EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/07/02 12:0 a.m.4 views

OpenSSL Toolkit 3.0.17

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the LTS release supported until 7th September 2026...

7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2024/04/30 10:26 a.m.4 views

golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges.

A flaw was found in the Golang crypto/tls standard library. In previous versions, the package was vulnerable to a Timing Side Channel attack by observing the time it took for RSA-based TLS key exchanges, which was not constant. This flaw allows a malicious user to gather information from the...

7.5CVSS7.3AI score0.0125EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/01/26 12:0 a.m.2 views

OpenSSL Security Vulnerabilities

OpenSSL is an open source capable general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

5.5CVSS8AI score0.03174EPSS
Exploits0References10
CNVD
CNVD
added 2022/05/08 12:0 a.m.13 views

OpenSSL Denial of Service Vulnerability (CNVD-2022-37792)

OpenSSL is an open source general-purpose cryptographic library from the Openssl team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports multiple cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure hashi...

7.5CVSS1.3AI score0.02386EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/05 12:0 a.m.0 views

GnuTLS Encryption Problem Vulnerability (CNVD-2020-53541)

GnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols. A security vulnerability exists in GnuTLS version 3.6.14. An attacker can exploit this vulnerability by performing a man-in-the-middle attack to bypass authentication in TLS version 1.3 and recover previou...

7.4CVSS8.8AI score0.17507EPSS
Exploits3References1
RedHat Linux
RedHat Linux
added 2018/07/24 9:9 p.m.6 views

JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

5.9CVSS7.4AI score0.04676EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/08/07 4:11 p.m.3 views

postgresql: libpq ignores PGREQUIRESSL environment variable

It was discovered that the PostgreSQL client library libpq did not enforce the use of TLS/SSL for a connection to a PostgreSQL server when the PGREQUIRESSL environment variable was set. An man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a...

5.9CVSS7.4AI score0.02042EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2012/04/11 12:0 a.m.26 views

Fedora Update for gnutls FEDORA-2012-4569

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2012-4569 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

5CVSS7.1AI score0.04202EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2012/03/26 12:0 a.m.19 views

Fedora Update for gnutls FEDORA-2012-4578

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2012-4578 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

5CVSS7AI score0.04202EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2010/06/28 12:0 a.m.33 views

Fedora Update for gnutls FEDORA-2010-9487

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2010-9487 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

5.8CVSS7.9AI score0.87264EPSS
Exploits14References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.18 views

Fedora Update for gnutls FEDORA-2008-9600

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2008-9600 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

4.3CVSS6.2AI score0.01882EPSS
Exploits1References2
Fedora
Fedora
added 2008/05/21 10:57 a.m.30 views

[SECURITY] Fedora 8 Update: gnutls-1.6.3-3.fc8

GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implem ents the proposed standards by the IETF's TLS working group...

10CVSS2.3AI score0.12018EPSS
Exploits3
Rows per page
Query Builder