Lucene search
K

17 matches found

GithubExploit
GithubExploit
added 2022/11/03 3:19 a.m.246 views

Exploit for Out-of-bounds Write in Openssl

Detection for CVE-2022-3602 - OpenSSL RCE/DOC v3.0.0 - v3.0.6...

7.5CVSS7.9AI score0.89804EPSS
Exploits6
Github Security Blog
Github Security Blog
added 2022/01/06 8:41 p.m.43 views

Inadequate Encryption Strength in Apache NiFi

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced...

7.5CVSS7.4AI score0.02871EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/01/06 8:41 p.m.35 views

GHSA-RFMP-JVR7-HX78 Inadequate Encryption Strength in Apache NiFi

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced...

7.5CVSS7.5AI score0.02871EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/27 3:56 p.m.14 views

Security Bulletin: Rational Developer for System z - Add support for TLS v1.2 with MS-CAPI in HCE

Summary IBM Rational Developer for System z has added support for TLS v1.2 with MS-CAPI in the Host Connection Emulator Vulnerability Details CVEID: CVE-2017-1796 DESCRIPTION: IBM Developer for z Systems uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt...

0.2AI score
Exploits0Affected Software1
Veracode
Veracode
added 2020/10/02 1:27 a.m.19 views

Insecure Encryption Standards

nifi-socket-utils uses insecure encryption standards. The weakness arises as it continued to allow support of TLS v1.0 and v1.1, when the NiFi UI, API, as well as listening for connections established by processors like ListenHTTP, HandleHttpRequest were protected by mandating TLS v1.2...

7.5CVSS1.5AI score0.02871EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2020/10/01 8:15 p.m.29 views

CVE-2020-9491

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced...

7.5CVSS0.02871EPSS
Exploits0References3
OSV
OSV
added 2020/10/01 8:15 p.m.33 views

CVE-2020-9491

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced...

7.5CVSS6.9AI score0.02871EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/10/01 7:57 p.m.38 views

CVE-2020-9491

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced...

7.5AI score0.02871EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/01 8:19 a.m.28 views

Security Bulletin: Vulnerability in SSLv3 affects Rational DOORS Web Access (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 can be enabled in IBM Rational DOORS Web Access. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts lik...

4.3CVSS0.5AI score0.99999EPSS
Exploits7Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.18 views

Security Bulletin: IBM Developer for z Systems - Add support for TLS v1.2 with MS-CAPI in HCE

Summary IBM Developer for z Systems has added support for TLS v1.2 with MS-CAPI in the Host Connection Emulator Vulnerability Details CVEID: CVE-2017-1796 DESCRIPTION: IBM Developer for z Systems uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly...

0.7AI score
Exploits0Affected Software1
OSV
OSV
added 2016/09/27 1:12 p.m.5 views

SUSE-SU-2016:2396-1 Security update for apache2-mod_nss

This update provides apache2-modnss 1.0.14, which brings several fixes and enhancements: - Fix OpenSSL ciphers stopped parsing at +. CVE-2016-3099 - Created valgrind suppression files to ease debugging. - Implement SSLPPTYPEFILTER to call executables to get the key password pins. - Improvements t...

9.8CVSS4.8AI score0.99999EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2014/04/02 12:0 a.m.10 views

TLS v1.2 Traffic Negotiation Detection

Binary data 8184.prm...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2013/11/21 12:0 a.m.27 views

Ubuntu Update for nss USN-2030-1

Check for the Version of nss OpenVAS Vulnerability Test $Id: gbubuntuUSN20301.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for nss USN-2030-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you ca...

7.5CVSS6AI score0.04399EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/11/21 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-2030-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6AI score0.04399EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/11/19 12:0 a.m.32 views

Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 / 13.10 : nss vulnerabilities (USN-2030-1)

Multiple security issues were discovered in NSS. If a user were tricked into connecting to a malicious server, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure. This update also adds...

7.5CVSS6.4AI score0.04399EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2013/11/18 8:12 p.m.59 views

USN-2030-1: NSS vulnerabilities

Multiple security issues were discovered in NSS. If a user were tricked into connecting to a malicious server, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure. This update also adds...

7.5CVSS6.3AI score0.04399EPSS
Exploits0
securityvulns
securityvulns
added 2012/10/29 12:0 a.m.110 views

ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks

ESA-2012-032.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST Browser Exploit Against SSL/TLS attacks EMC Identifier: ESA-2012-032 CVE Identifier: CVE-2011-3389 Severity Rating: CVSS v2 Base Score: 4.3...

4.3CVSS0.1AI score0.73327EPSS
Exploits4
Rows per page
Query Builder