2 matches found
CVE-2021-3449
CVE-2021-3449 affects OpenSSL 1.1.1.x where a TLSv1.2 server may crash (DoS) if it receives a renegotiation ClientHello that omits the signature_algorithms extension but includes signature_algorithms_cert. The issue is a NULL pointer dereference leading to a denial of service; OpenSSL clients are...
CVE-2024-24919
CVE-2024-24919 is a zero-day-like vulnerability in Check Point Security Gateways (Remote Access VPN/Mobile Access blades) allowing unauthenticated remote readers to fetch arbitrary files via path traversal (e.g., aCSHELL/../../../../../../../etc/shadow). Public PoCs and in-the-wild mentions exist...