Lucene search
K

35 matches found

NVD
NVD
added 2018/01/08 7:29 p.m.31 views

CVE-2015-2320

The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback...

9.8CVSS8.7AI score0.03539EPSS
Exploits0References7
CVE
CVE
added 2018/01/08 7:0 p.m.75 views

CVE-2015-2318

The CVE-2015-2318 entry concerns the Mono TLS stack prior to version 3.12.1. The issue, called SMACK SKIP-TLS, arises from missing handshake state validation, enabling man-in-the-middle attackers to exploit message skipping and impersonate clients. Affected software: Mono’s TLS implementation (pr...

8.1CVSS8.1AI score0.0197EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2018/01/08 7:0 p.m.26 views

CVE-2015-2318

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue...

8.1CVSS8.7AI score0.0197EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/01/08 7:0 p.m.26 views

CVE-2015-2320

The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback...

9.8CVSS9.6AI score0.03539EPSS
Exploits0
Cvelist
Cvelist
added 2018/01/08 7:0 p.m.34 views

CVE-2015-2319

The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORTRSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204...

6.4AI score0.03152EPSS
Exploits0References8
CVE
CVE
added 2018/01/08 7:0 p.m.73 views

CVE-2015-2320

CVE-2015-2320 affects the Mono TLS stack prior to 3.12.1, where the vulnerability arises from client-side SSLv2 fallback. The description specifies that remote attackers can cause unspecified impact. The included metrics show a base score of 7.5 (CVSSv2) and a 9.8 (CVSSv3) with network access and...

9.8CVSS8.5AI score0.03539EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2018/01/08 7:0 p.m.33 views

CVE-2015-2320

The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback...

8.6AI score0.03539EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2017/11/28 12:0 a.m.27 views

CVE-2017-15118

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requir...

9.8CVSS7.1AI score0.11931EPSS
Exploits3References3
Filippo.io
Filippo.io
added 2017/02/09 2:14 a.m.179 views

Finding Ticketbleed

Ticketbleed CVE-2016-9244 is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, like in Heartbleed. If you suspect you might be...

5CVSS7AI score0.74EPSS
Exploits7
Filippo.io
Filippo.io
added 2017/02/09 2:14 a.m.96 views

Finding Ticketbleed

Ticketbleed CVE-2016-9244 is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, like in Heartbleed. If you suspect you might be...

5CVSS7AI score0.74EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.36 views

Debian DLA-176-1 : mono security update

Three issues with Mono's TLS stack are addressed. CVE-2015-2318 Mono's implementation of the SSL/TLS stack failed to check the order of the handshake messages. Which would allow various attacks on the protocol to succeed. 'SKIP-TLS' CVE-2015-2319 Mono's implementation of SSL/TLS also contained...

9.8CVSS8AI score0.03539EPSS
Exploits0References5
OSV
OSV
added 2015/03/22 12:0 a.m.23 views

DSA-3202-1 mono - security update

Bulletin has no description...

9.8CVSS8.4AI score0.03539EPSS
Exploits0
OSV
OSV
added 2015/03/19 12:0 a.m.25 views

DLA-176-1 mono - security update

Bulletin has no description...

9.8CVSS8.4AI score0.03539EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/03/18 12:0 a.m.35 views

CVE-2015-2318

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue...

8.1CVSS7.2AI score0.0197EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/03/18 12:0 a.m.36 views

CVE-2015-2319

The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORTRSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204...

7.5CVSS7.2AI score0.03152EPSS
Exploits0References2
Rows per page
Query Builder