MiracleLinux 4 : libtasn1-2.3-3.AXS4.1 (AXSA:2012-480:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-480:01 advisory. This is the ASN.1 library used in GNUTLS. More up to date information can be found at http://www.gnu.org/software/gnutls and http://www.gnutls.org Security...

Malleable ECDSA Signature

jsrsasign uses a malleable ECDSA signature. The vulnerability exists as it does not check for overflows in the length of a sequence, and allows 0 characters appended or prepended to an integer to be verified as the same as without the extra 0 characters...

CVE-2019-9162

It was found that there are insufficient ASN.1 sequence length checks a.k.a. an array index error in the Linux kernel in the snmpversion and snmphelper functions in the net/ipv4/netfilter/nfnatsnmpbasicmain.c in the nfnatsnmpbasic module making out-of-bounds read and write operations possible. An...

CVE-2007-4767

Perl-Compatible Regular Expression PCRE library before 7.3 does not properly compute the length of 1 a \p sequence, 2 a \P sequence, or 3 a \Px sequence, which allows context-dependent attackers to cause a denial of service infinite loop or crash or execute arbitrary code...