Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

Overview Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation 'Algorithm Downgrade' in the TLS 1.3 server key agreement group selection when the server configuration includes the 'DEFAULT' keyword. An attacker can influence the negotiation to u...

EUVD-2006-5639

Malware in sbrugna...

Exploit for CVE-2014-3566

POODLE Attack Proof of Concept A complete demonstration envir...

Metasploit Weekly Wrap-Up 08/28/2025

New module content 2 Pretalx Arbitrary File Read/Limited File Write Authors: Stefan Schiller and msutovsky-r7 Type: Auxiliary and Exploit Pull request: 20480 contributed by msutovsky-r7 Path: auxiliary/scanner/http/pretalxfilereadcve202328459 and exploit/linux/http/pretalxrcecve202328458 Attacker...

AZL-56761 CVE-2024-12797 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-5

Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys m...

UBUNTU-CVE-2024-13454

Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3...

POODLE SSLV3.0 Security Issue Workaround for License Server

Citrix Licensing 11.12.1 for Windows might be vulnerable to the Padding Oracle On Downgraded Legacy Encryption POODLE vulnerability. POODLE affects older standards of encryption - Secure Socket Layer SSL version 3 but not the newer encryption method Transport Layer Security TLS. Citrix suggests t...

SUSE CVE-2002-2227

Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service memory corruption via a crafted SSLv2 challenge value...

SUSE CVE-2006-4343

The getserverhello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service client crash via unknown vectors that trigger a null pointer dereference...

SUSE CVE-2007-0008

Integer underflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to...

SUSE CVE-2007-0009

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote...

SUSE CVE-2009-4355

Memory leak in the zlibstatefulfinish function in crypto/comp/czlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service memory consumption via vectors that trigger incorrect calls to the CRYPTOcleanupallexdata function, as demonstrate...

ALPINE-CVE-2021-23839

OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater th...

OpenSSL: Segmentation fault in SSL_check_chain (CVE-2020-1967) - Windows

OpenSSL server or client applications are prone to a denial-of-service vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

DEBIAN-CVE-2019-0190

A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or...

nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello

A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this flaw in a passive replay attack...

Kraftway 24F2XG Router Information Disclosure Vulnerability

The Kraftway 24F2XG Router is a wireless router product from the Russian company Kraftway. A security vulnerability exists in the Kraftway 24F2XG Router using firmware version 3.5.30.1118, which originates from the program's use of SSLv2 and SSLv3. A remote attacker could use this vulnerability t...

CVE-2018-15355

Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118...

openSUSE Security Update : curl (openSUSE-2018-589)

This update for curl to version 7.60.0 fixes the following issues : These security issues were fixed : - CVE-2018-1000300: Prevent heap-based buffer overflow when closing down an FTP connection with very long server command replies bsc1092094. - CVE-2018-1000301: Prevent buffer over-read that cou...

Security update for curl (moderate)

This update for curl to version 7.60.0 fixes the following issues: These security issues were fixed: - CVE-2018-1000300: Prevent heap-based buffer overflow when closing down an FTP connection with very long server command replies bsc1092094. - CVE-2018-1000301: Prevent buffer over-read that could...