Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-2315

Malware in sbrugna...

5.9CVSS5.9AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-2317

Malware in sbrugna...

9.8CVSS9.5AI score0.01355EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2019/02/05 12:0 a.m.92 views

OSCI-Transport Library 1.2 1.8.1 Insecure Crypto / Signature Bypass

A blog post with further information has been released on this topic as well: https://r.sec-consult.com/osci SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: OSCI-Transport Library 1.2...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2018/09/17 12:0 a.m.40 views

Azure IoT SDK Spoofing Vulnerability (Sep 2018) - Windows

Azure IoT Device C SDK library is prone to a spoofing vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS5.9AI score0.02131EPSS
Exploits0References3
Prion
Prion
added 2018/05/09 7:29 p.m.25 views

Spoofing

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK, C SDK, Java SDK...

6.8CVSS5.6AI score0.01098EPSS
Exploits0References3
CNVD
CNVD
added 2017/07/04 12:0 a.m.6 views

OSCI Transport Library OSCI-Transport Signature Package Vulnerability

OSCI Transport Library Java is a Java library of mandatory transport protocols for German e-government, and OSCI Transport Library .NET is its .NET version.OSCI-Transport is one of the XML-based transport protocols. A security vulnerability exists in OSCI Transport Library version 1.6.1 Java and...

6.5CVSS6.9AI score0.00487EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/04 12:0 a.m.4 views

OSCI Transport Library OSCI-Transport Decryption Transport Encryption Algorithm Vulnerability

OSCI Transport Library Java is a Java library of mandatory transport protocols for German e-government, and OSCI Transport Library .NET is its .NET version.OSCI-Transport is one of the XML-based transport protocols. A security vulnerability exists in OSCI Transport Library version 1.6.1 Java and ...

5.9CVSS6.8AI score0.00331EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/04 12:0 a.m.3 views

OSCI Transport Library OSCI-Transport XXE vulnerability

OSCI Transport Library Java is a Java library of mandatory transport protocols for German e-government, and OSCI Transport Library .NET is its .NET version.OSCI-Transport is one of the XML-based transport protocols. An XML external entity injection vulnerability exists in OSCI Transport Library...

9.8CVSS7.3AI score0.01355EPSS
Exploits0References1
Prion
Prion
added 2017/06/30 12:29 p.m.10 views

Xxe

An XML External Entity XXE issue exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 Java and OSCI Transport Library 1.6 .NET, exploitable by sending a crafted standard-conforming OSCI message from within the infrastructure...

7.5CVSS9.2AI score0.01355EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/06/30 12:29 p.m.2 views

CVE-2017-10668

A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 Java and OSCI Transport Library 1.6 .NET. Under an MITM condition within the OSCI infrastructure, an attacker needs to send crafted protocol messages to analyse the CBC mode padding in order to decrypt the...

5.9CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2017/06/30 12:29 p.m.9 views

Design/Logic Flaw

A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 Java and OSCI Transport Library 1.6 .NET. Under an MITM condition within the OSCI infrastructure, an attacker needs to send crafted protocol messages to analyse the CBC mode padding in order to decrypt the...

4.3CVSS5.4AI score0.00331EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/06/30 12:29 p.m.16 views

CVE-2017-10670

An XML External Entity XXE issue exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 Java and OSCI Transport Library 1.6 .NET, exploitable by sending a crafted standard-conforming OSCI message from within the infrastructure...

9.8CVSS9.4AI score0.01355EPSS
Exploits0References2
CVE
CVE
added 2017/06/30 12:0 p.m.47 views

CVE-2017-10669

CVE-2017-10669 describes a Signature Wrapping vulnerability in OSCI-Transport 1.2 as used by OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). An attacker who can read unencrypted OSCI protocol messages can craft messages containing duplicate IDs to exploit the flaw. Affe...

6.5CVSS6.3AI score0.00487EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/06/30 12:0 p.m.50 views

CVE-2017-10670

The CVE-2017-10670 entry describes an XML External Entity (XXE) vulnerability in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). The root cause is an XXE issue that can be exploited by sending a specially crafted, standards-conforming OSCI ...

9.8CVSS9.2AI score0.01355EPSS
Exploits0References2Affected Software1
Cent OS
Cent OS
added 2005/09/15 10:48 a.m.64 views

XFree86 security update

CentOS Errata and Security Advisory CESA-2005:501 Updated XFree86 packages that fix several integer overflows, various bugs, and add ATI RN50/ES1000 support are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security...

5.1CVSS5.8AI score0.03923EPSS
Exploits0References9
Rows per page
Query Builder