MiracleLinux 9 : dotnet8.0-8.0.102-2.el9_3.ML.1 (AXSA:2024-7533:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7533:05 advisory. dotnet: Denial of Service in SignalR server CVE-2024-21386 dotnet: Denial of Service in X509Certificate2 CVE-2024-21404 Tenable has extracted the...

ROS-20240917-04

A vulnerability in the crypto.X509Certificate function of the Node.js software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

CVE-2023-30588

When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key inf...

Internet Bug Bounty: CVE-2023-23919: Multiple OpenSSL error handling issues in nodejs crypto library

Multiple OpenSSL error handling issues were found in the Node.js crypto library. In some cases, Node.js did not clear the OpenSSL error stack after operations that may have set it, which could lead to false positive errors during subsequent cryptographic operations on the same thread and...

Node.js: Multiple OpenSSL error handling issues in nodejs crypto library

Multiple OpenSSL error handling issues were discovered in the Node.js crypto library up to version 19.2.0. The library did not clear the OpenSSL error stack after operations that may set it, which could lead to false positive errors during subsequent cryptographic operations that happen to be on...

Razer Synapse 3 Windows client local to mention the right vulnerability analysis-vulnerability warning-the black bar safety net

A, vulnerability introduction Razer Synapse（Ray cloud software installed in the system a service Razer Synapse Service, the service to NT AUTHORITY\SYSTEM permissions to run 会加载C:\ProgramData\Razer\目录中的多个.NET assembly. C:\ProgramData\Razer\and its subdirectories/files in the permissions aspect is...

CVE-2014-0350

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...

CVE-2014-0350

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate...