16 matches found

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-46942

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.1 | EPSS 0.01697
Exploits: 0 | References: 3
Tenable Nessus
added 2025/08/06 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2024-35841

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: tls, fix WARNIING in __sk_msg_free. A splice with MSG_SPLICE_PAGES will cause tls code to use...

CVSS 5.5 | AI score 6.2 | EPSS 0.00218
Exploits: 0 | References: 2
Debian CVE
added 2024/12/06 2:54 p.m. | 11 views

CVE-2024-11738

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service (panic) via a fragmented TLS ClientHello message...

CVSS 7.5 | AI score 5.5 | EPSS 0.00693
Exploits: 1
Tenable Nessus
added 2024/11/08 12:0 a.m. | 12 views

EulerOS 2.0 SP9 : python-cryptography (EulerOS-SA-2024-2819)

According to the versions of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS server...

CVSS 7.5 | AI score 6.3 | EPSS 0.01118
Exploits: 0 | References: 2
OSV
added 2024/02/15 6:15 p.m. | 6 views

CVE-2023-6937

wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a result, it was possible to combine DTLS messages using different keys into one DTLS record. The most extreme edge case is that, in DTLS 1.3, it was possible that an unencrypted DTLS 1.3 record...

CVSS 5.3 | AI score 6.7
Exploits: 0 | References: 2
CNVD
added 2021/04/29 12:0 a.m. | 7 views

Cisco Firepower Threat Defense Denial of Service Vulnerability (CNVD-2021-50578)

Cisco Firepower Threat Defense (FTD) is unified software that provides next-generation firewall services. A denial-of-service vulnerability exists in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense, which can be exploited by an attacker to cause a process crash by sendi...

CVSS 8.6 | AI score 6.5 | EPSS 0.01386
Exploits: 0 | References: 1
OSV
added 2020/10/24 5:51 p.m. | 7 views

MGASA-2020-0395 Updated nss and firefox packages fix security vulnerabilities

Mozilla developers and community members Jason Kratzer, Simon Giesecke, Philipp, and Christian Holler reported memory safety bugs present in Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...

CVSS 9.8 | AI score 9.5 | EPSS 0.03854
Exploits: 0 | References: 5
OpenSSL
added 2016/09/21 12:0 a.m. | 40 views

Vulnerability in OpenSSL - Excessive allocation of memory in tls_get_message_header()

A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being...

AI score 7.4 | EPSS 0.13837
Exploits: 0 | Affected Software: 1
OpenVAS
added 2012/11/26 12:0 a.m. | 27 views

FreeBSD Ports: FreeBSD

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 4.3 | AI score 6.3 | EPSS 0.0422
Exploits: 0
Tenable Nessus
added 2012/10/18 12:0 a.m. | 31 views

Fedora 16 : hostapd-0.7.3-10.fc16 (2012-15748)

EAP-TLS server: Fix TLS Message Length validation Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

CVSS 4.3 | AI score 5.3 | EPSS 0.0422
Exploits: 0 | References: 3
Tenable Nessus
added 2012/10/18 12:0 a.m. | 20 views

Fedora 17 : hostapd-0.7.3-10.fc17 (2012-15759)

EAP-TLS server: Fix TLS Message Length validation Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

CVSS 4.3 | AI score 5.3 | EPSS 0.0422
Exploits: 0 | References: 3
Tenable Nessus
added 2012/10/15 12:0 a.m. | 20 views

Fedora 18 : hostapd-1.0-3.fc18 (2012-15680)

EAP-TLS server: Fix TLS Message Length validation Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

CVSS 4.3 | AI score 5.3 | EPSS 0.0422
Exploits: 0 | References: 3
OSV
added 2012/10/10 6:55 p.m. | 6 views

CVE-2012-4445

Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "Mor...

AI score 7
Exploits: 0 | References: 12
Cvelist
added 2012/10/10 6:0 p.m. | 26 views

CVE-2012-4445

Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "Mor...

AI score 6.9 | EPSS 0.0422
Exploits: 0 | References: 12
Debian CVE
added 2012/10/10 6:0 p.m. | 26 views

CVE-2012-4445

Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "Mor...

CVSS 4.3 | AI score 5.3 | EPSS 0.0422
Exploits: 0
RedHat Linux
added 2008/05/20 2:56 p.m. | 2 views

GNUTLS-SA-2008-1-2 GnuTLS null-pointer dereference

The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) v...

CVSS 9.3 | AI score 7.2 | EPSS 0.05772
Exploits: 2 | References: 4