6 matches found
F5 Networks BIG-IP : OpenSSL vulnerability (K93600123)
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session, NOTE: this vulnerability...
OpenSSL Padding Oracle Information Disclosure (CVE-2016-2107)
An information disclosure vulnerability exists in the AES-NI implementation of OpenSSL. The vulnerability is due to memory allocation miscalculation during a certain padding check. A remote attacker can exploit this vulnerability to obtain sensitive cleartext information via a padding-oracle atta...
CVE-2014-8709
The ieee80211fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets...
CVE-2014-8709
The ieee80211fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets...
CVE-2014-0863
The client in IBM Cognos TM1 9.5.2.3 before IF5, 10.1.1.2 before IF1, 10.2.0.2 before IF1, and 10.2.2.0 before IF1 stores obfuscated passwords in memory, which allows remote authenticated users to obtain sensitive cleartext information via an unspecified security tool...
CVE-2012-1812
eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to obtain sensitive cleartext information via a session on TCP port 12000...