Lucene search
K

17 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2015-0111)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.1AI score0.21247EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2020-2076)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.5AI score0.98685EPSS
Exploits0References2
Veracode
Veracode
added 2017/02/10 3:10 a.m.30 views

Null Pointer Dereference

OpenSSL is vulnerable to denial of service DoS attacks. These attacks are triggered through the use of an invalid certificate key in the X509toX509REQ function, causing a null pointer dereference and application crash...

5CVSS5.1AI score0.08518EPSS
Exploits0References89Affected Software8
OpenVAS
OpenVAS
added 2015/11/26 12:0 a.m.46 views

OpenSSL Multiple Vulnerabilities (20150319 - 3) - Windows

OpenSSL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...

6.8CVSS7.1AI score0.21247EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.55 views

SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2015:0541-1)

OpenSSL was updated to fix various security issues. Following security issues were fixed : - CVE-2015-0209: A Use After Free following d2iECPrivatekey error was fixed which could lead to crashes for attacker supplied Elliptic Curve keys. This could be exploited over SSL connections with client...

6.8CVSS7.4AI score0.21247EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.270 views

Debian DLA-177-1 : openssl security update

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues : CVE-2015-0209 It was discovered that a malformed EC private key might result in memory corruption. CVE-2015-0286 Stephen...

7.5CVSS7.3AI score0.44503EPSS
Exploits1References9
Debian
Debian
added 2015/03/24 9:32 p.m.59 views

[SECURITY] [DSA 3197-2] openssl regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3197-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 24, 2015 http://www.debian.org/security/faq -...

7.5CVSS1.5AI score0.44503EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/03/20 12:0 a.m.45 views

Debian DSA-3197-1 : openssl - security update

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2015-0286 Stephen Henson discovered that the ASN1TYPEcmp function can be crashed, resulting in denial of service. -...

7.5CVSS7.3AI score0.44503EPSS
Exploits1References14
Prion
Prion
added 2015/03/19 10:59 p.m.24 views

Null pointer dereference

The X509toX509REQ function in crypto/x509/x509req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service NULL pointer dereference and application crash via an invalid certificate key...

5CVSS6.9AI score0.08518EPSS
Exploits0References46Affected Software1
Mageia
Mageia
added 2015/03/19 4:47 p.m.47 views

Updated openssl packages fix security vulnerabilities

Updated openssl packages fix security vulnerabilities: The function ASN1TYPEcmp will crash with an invalid read if an attempt is made to compare ASN.1 boolean types. Since ASN1TYPEcmp is used to check certificate signature algorithm consistency this can be used to crash any certificate verificati...

6.8CVSS7.6AI score0.21247EPSS
Exploits0References2
CVE
CVE
added 2015/03/19 12:0 a.m.214 views

CVE-2015-0288

CVE-2015-0288 affects OpenSSL X509_to_X509_REQ path. The vulnerability allows a NULL pointer dereference leading to DoS when presented with an invalid certificate key, impacting OpenSSL releases prior to 0.9.8zf, 1.0.0r, 1.0.1m, and 1.0.2a. Remediation is to upgrade to patched OpenSSL versions as...

5CVSS5.8AI score0.08518EPSS
Exploits0References46Affected Software1
Cvelist
Cvelist
added 2015/03/19 12:0 a.m.26 views

CVE-2015-0288

The X509toX509REQ function in crypto/x509/x509req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service NULL pointer dereference and application crash via an invalid certificate key...

5.9AI score0.08518EPSS
Exploits0References46
ArchLinux
ArchLinux
added 2015/03/19 12:0 a.m.58 views

lib32-openssl: multiple issues

CVE-2015-1787 denial of service If client auth is used then a server can segfault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. - CVE-2015-0207 denial of service The DTLSv1listen...

6.8CVSS1.6AI score0.33482EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2015/03/19 12:0 a.m.45 views

Debian Security Advisory DSA 3197-1 (openssl - security update)

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-0286 Stephen Henson discovered that the ASN1TYPEcmp function can be crashed, resulting in denial of service...

7.5CVSS0.1AI score0.44503EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2015/03/19 12:0 a.m.32 views

CVE-2015-0288

The X509toX509REQ function in crypto/x509/x509req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service NULL pointer dereference and application crash via an invalid certificate key...

5CVSS6.1AI score0.08518EPSS
Exploits0
Hacker One
Hacker One
added 2015/03/15 12:0 a.m.49 views

Internet Bug Bounty: X509_to_X509_REQ NULL pointer deref

X509toX509REQ NULL pointer deref CVE-2015-0288 =================================================== Severity: Low The function X509toX509REQ will crash with a NULL pointer dereference if the certificate key is invalid. This function is rarely used in practice. This issue affects all current OpenSS...

5CVSS6.3AI score0.08518EPSS
Exploits0
OpenSSL
OpenSSL
added 2015/03/02 12:0 a.m.39 views

Vulnerability in OpenSSL - X509_to_X509_REQ NULL pointer deref

X509toX509REQ NULL pointer deref. The function X509toX509REQ will crash with a NULL pointer dereference if the certificate key is invalid. This function is rarely used in practice. Found by Brian Carpenter...

6.2AI score0.08518EPSS
Exploits0Affected Software1
Rows per page
Query Builder