Lucene search
K

78 matches found

OSV
OSV
added 2021/12/14 7:15 p.m.3 views

ALPINE-CVE-2021-4044

Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...

7.5CVSS6.8AI score0.50099EPSS
Exploits0References1
OSV
OSV
added 2021/12/01 4:45 p.m.12 views

USN-5168-2 thunderbird vulnerability

Tavis Ormandy discovered that NSS, included with Thunderbird, incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause Thunderbird to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.2AI score0.17563EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/27 12:0 a.m.24 views

openSUSE: Security Advisory for chromium (openSUSE-SU-2020:0093_1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.8AI score0.01218EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/01/24 12:0 a.m.41 views

RHEL 6 : chromium-browser (RHSA-2020:0214)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0214 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 79.0.3945.130. Security Fixes:...

8.8CVSS8.2AI score0.01218EPSS
Exploits1References8
OSV
OSV
added 2020/01/22 12:56 p.m.8 views

OPENSUSE-SU-2020:0093-1 Security update for chromium

This update for chromium fixes the following issues: Update to version 79.0.3945.130 boo1161252: - CVE-2020-6378, CVE-2020-6379: Fixed a use-after-free in speech recognizer - CVE-2020-6380: Fixed an extension message verification error - Various fixes from audits, fuzzing and other initiatives...

8.8CVSS8.7AI score0.01218EPSS
Exploits1References5
Kaspersky
Kaspersky
added 2020/01/16 12:0 a.m.232 views

KLA11647 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in speech recognizer can be...

8.8CVSS9.6AI score0.89436EPSS
Exploits15References4
OSV
OSV
added 2019/11/19 5:15 p.m.11 views

CVE-2012-6071

nuSOAP before 0.7.3-5 does not properly check the hostname of a cert...

7.5CVSS6.7AI score0.01312EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2019/05/31 12:0 a.m.7 views

The vulnerability of the anti-spam protection mechanism of the Cisco Email Security Appliance allows attackers to compromise the integrity of the protected information.

The vulnerability of the anti-spam protection mechanism of Cisco Email Security Appliance is related to errors in the verification of Sender Policy Framework SPF messages. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information by sending...

5.3CVSS5.9AI score0.02276EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/04/17 12:0 a.m.6 views

PT-2019-2331

Name of the Vulnerable Software and Affected Versions urllib3 versions prior to 1.24.2 Description The issue is related to the mishandling of certain cases where the desired set of CA certificates is different from the OS store of CA certificates, resulting in SSL connections succeeding in...

8.7CVSS6.9AI score0.02836EPSS
Exploits0References197
Elastic
Elastic
added 2017/08/17 5:34 p.m.6 views

X-Pack Security 5.5.2 security update

X-Pack Security TLS certificate verification error ESA-2017-15 An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manager will be replaced with an instance that trusts all certificates. This could allow any node...

5.5CVSS6.5AI score0.0016EPSS
Exploits0
Citrix
Citrix
added 2016/12/06 12:0 a.m.9 views

XenMobile Apps in authentication loop or crashing when returning to Secure Hub to do authentication

Secure Hub and apps for example Secure Mail end up in an authentication loop with Secure Hub showing the error message "Verify your credentials and try again", with the following options "Sign On" or "Quit". Sign On would bring you back to Secure Hub and start the loop all over again...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2014/12/29 12:0 a.m.25 views

CVE-2014-9424

Double free vulnerability in the sslparseclienthellousesrtpext function in d1srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a certain length-verification error during processing of a DTLS handshake...

7.5AI score0.01796EPSS
Exploits0References2
OSV
OSV
added 2014/03/03 12:0 a.m.4 views

UBUNTU-CVE-2014-0092

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...

5.8CVSS6.6AI score0.29958EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2013/06/24 12:0 a.m.32 views

ImageMagick Integer Overflow Vulnerability - 03 June (Windows)

The host is installed with ImageMagick and is prone to integer overflow Vulnerability. OpenVAS Vulnerability Test $Id: gbimagemagickintegeroverflowvuln03jun13win.nasl 8173 2017-12-19 11:45:56Z cfischer $ ImageMagick Integer Overflow Vulnerability - 03 June Windows Authors: Thanga Prakash S...

4.3CVSS0.9AI score0.01883EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/09/30 12:0 a.m.97 views

IBM WebSphere Application Server 8.0 < Fix Pack 1 Multiple Vulnerabilities

IBM WebSphere Application Server 8.0 before Fix Pack 1 appears to be running on the remote host and is potentially affected by the following vulnerabilities : - An open redirect vulnerability exists related to the 'logoutExitPage' parameter. This can allow remote attackers to trick users into...

7.8CVSS7.6AI score0.98945EPSS
Exploits19References9
Check Point Advisories
Check Point Advisories
added 2009/11/03 12:0 a.m.15 views

Microsoft .NET Framework Pointer Verification Error (MS09-061; CVE-2009-0090)

The Microsoft .NET Framework is a software framework that includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution of programs written specifically for the framework. A remote code execution vulnerability exists in the Microsoft...

9.3CVSS9.4AI score0.20982EPSS
Exploits2
Check Point Advisories
Check Point Advisories
added 2009/11/03 12:0 a.m.19 views

Microsoft .NET Framework Type Verification Error (MS09-061; CVE-2009-0090; CVE-2009-0091)

The Microsoft .NET Framework is a software framework that includes a large library of coded solutions to common programming problems and a virtual machine that manages the execution of programs written specifically for the framework. A remote code execution vulnerability exists in the Microsoft...

9.3CVSS9.3AI score0.25811EPSS
Exploits4
NVD
NVD
added 2002/08/01 4:0 a.m.18 views

CVE-2002-1446

The error checking routine used for the CVerify call on a symmetric verification key in the nCipher PKCS11 library 1.2.0 and later returns the CKROK status even when it detects an invalid signature, which could allow remote attackers to modify or forge messages...

5CVSS6.6AI score0.01351EPSS
Exploits0References4
Rows per page
Query Builder