27 matches found
eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name
A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security TLS handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service DoS condition, impacting the availability of t...
eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name
A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security TLS handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service DoS condition, impacting the availability of t...
Security Bulletin: There is a vulnerability in vertx-core-4.5.24.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-6860)
Summary There is a vulnerability in vertx-core-4.5.24.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-6860 DESCRIPTION: A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepte...
CVE-2026-6860
A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name, e.g. if the server is configured with a certificate accepting .example.com, any XYZ.example.com where xyz is a valid name can be used...
CVE-2026-6860
A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name, e.g. if the server is configured with a certificate accepting .example.com, any XYZ.example.com where xyz is a valid name can be used...
CVE-2026-6860
CVE-2026-6860 describes a TLS SNI handling weakness where a TCP client can present an SNI that matches a server wildcard certificate (e.g., *.example.com) and be accepted by the server, allowing any XYZ.example.com under the wildcard to be used. The CVSS 4.0 vector yields a NETWORK, LOW complexit...
CVE-2026-6860
A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name, e.g. if the server is configured with a certificate accepting .example.com, any XYZ.example.com where xyz is a valid name can be used...
CVE-2026-6860
A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name, e.g. if the server is configured with a certificate accepting .example.com, any XYZ.example.com where xyz is a valid name can be used...
EUVD-2026-27655
A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name, e.g. if the server is configured with a certificate accepting .example.com, any XYZ.example.com where xyz is a valid name can be used...
PT-2026-37437
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name. For example, if the...
USN-8115-1 pyopenssl vulnerabilities
It was discovered that pyOpenSSL incorrectly handled exceptions in the tlsextservername callback. This could result in connections being accepted after an exception, contrary to expectations. CVE-2026-27448 It was discovered that pyOpenSSL incorrectly handled the DTLS cookie generation callback. ...
K8870: OpenSSL Server Name extension Denial of Service VU#661475
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
SUSE CVE-2008-1948
The gnutlsservernamerecvparams function in lib/extservername.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service crash or...
SUSE CVE-2010-3864
Multiple race conditions in ssl/t1lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to 1 the T...
OpenSSL: Multiple Vulnerabilities (20080528) - Linux
OpenSSL is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OpenSSL: Multiple Vulnerabilities (20080528) - Windows
OpenSSL is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OpenSSL < 0.9.8h Multiple Vulnerabilities
Binary data 801061.prm...
DEBIAN-CVE-2010-3864
Multiple race conditions in ssl/t1lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to 1 the T...
Race condition
Multiple race conditions in ssl/t1lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to 1 the T...
OpenSSL TLS extension parsing race condition
Multiple race conditions in ssl/t1lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to 1 the T...