22 matches found
CVE-2020-35169
CVE-2020-35169 is tied to Dell BSAFE Crypto-C Micro Edition (pre-4.1.5) and Dell BSAFE Micro Edition Suite (pre-4.5.2) with an Improper Input Validation vulnerability. Public sources in the connected documents confirm high-severity impact (CVSS v3.1: 9.8, network access, no authentication, high c...
CVE-2018-11058
CVE-2018-11058 affects RSA BSAFE Micro Edition Suite (4.0.x before 4.0.11; 4.1.x before 4.1.6) and RSA BSAFE Crypto-C Micro Edition (4.0.x before 4.0.5.3). The issue is a buffer over-read when parsing ASN.1 data, exploitable by remotely crafted ASN.1 input. Connected Nessus entries (e.g., Oracle ...
CVE-2020-26185
Dell BSAFE Micro Edition Suite (Dell) is affected by a Buffer Over-Read Vulnerability in versions prior to 4.5.1. Public docs consistently cite a remote-exploitable issue that can crash an application and cause denial of service. The CVSS data in the sources show a high impact (availability impac...
CVE-2020-35166
CVE-2020-35166 affects Dell BSAFE Crypto-C Micro Edition (pre-4.1.5) and Dell BSAFE Micro Edition Suite (pre-4.6) with an Observable Timing Discrepancy Vulnerability. The initial description specifies the affected products/versions and that the vulnerability is timing-related, implying potential ...
CVE-2020-35163
Technical details about CVE-2020-35163 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2020-35164
Summary (CVE-2020-35164): Dell BSAFE Crypto-C Micro Edition (versions before 4.1.5) and Dell BSAFE Micro Edition Suite (versions before 4.6) have an observable timing discrepancy vulnerability. Connected sources (PT-2022-8918) corroborate affected versions and advise upgrading to 4.1.5+ and 4.6+ r...
CVE-2020-35168
CVE-2020-35168 affects Dell BSAFE Crypto-C Micro Edition (versions before 4.1.5) and Dell BSAFE Micro Edition Suite (versions before 4.6) with an Observable Timing Discrepancy vulnerability. The initial document provides CVSS metrics indicating high impact (network attack, no user interaction) wi...
CVE-2020-29508
CVE-2020-29508 affects Dell BSAFE Crypto-C Micro Edition (versions prior to 4.1.5) and Dell BSAFE Micro Edition Suite (versions prior to 4.6). The root cause is an Improper Input Validation vulnerability. Public references (CNVD/NVD/CVE records and Nessus-related entries) confirm the affected pro...
CVE-2020-35167
Technical details for CVE-2020-35167 are not publicly available in the provided documents. Monitor for updates and additional sources.
CVE-2020-29506
Dell BSAFE Crypto-C Micro Edition (versions before 4.1.5) and Dell BSAFE Micro Edition Suite (versions before 4.5.2) contain an Observable Timing Discrepancy Vulnerability. The issue is documented with concrete vulnerable components and affected versions; upgrading to 4.1.5 and 4.5.2 respectively...
CVE-2020-5360
CVE-2020-5360 refers to a buffer under-read vulnerability in Dell BSAFE Micro Edition Suite, before version 4.5. The NVD entry notes unauthenticated remote exploitation with network access potentially causing undefined behavior or a crash (availability impact). Corporate context in connected docu...
CVE-2018-11055
RSA BSAFE Micro Edition Suite (MES) contains an Improper Clearing of Heap Memory Before Release vulnerability in MES versions 4.0.x before 4.0.11 and 4.1.x before 4.1.6.1. Decoded PKCS#12 data in heap memory is not zeroized before memory release, enabling a local attacker to access previously dec...
CVE-2018-15769
CVE-2018-15769 affects RSA BSAFE Micro Edition Suite: versions before 4.0.11 (4.0.x) and before 4.1.6.2 (4.1.x). The issue is a key management flaw that can allow a TLS server using Ephemeral/Anonymous Diffie-Hellman (DHE/ADH) ciphers to cause a Denial-of-Service on TLS clients during the handsha...
CVE-2018-11056
The CVE describes a DoS risk in Dell EMC RSA BSAFE Micro Edition Suite (MES) before 4.1.6.1 (4.1.x line) and RSA BSAFE Crypto-C Micro Edition before 4.0.5.3 (4.0.x line). The vulnerability is an Uncontrolled Resource Consumption (Resource Exhaustion) when parsing ASN.1 data, allowing a remote att...
CVE-2020-26184
CVE-2020-26184 affects Dell BSAFE Micro Edition Suite prior to 4.5.1. The vulnerability is improper certificate validation in the library/component, with a CVSSv3 base score of 7.5 (HIGH) and network vector with no privileges required. Affected versions must be updated to 4.5.1 or later to resolv...
CVE-2020-29507
CVE-2020-29507 affects Dell BSAFE Crypto-C Micro Edition (before 4.1.4) and Dell BSAFE Micro Edition Suite (before 4.4). The vulnerability is described as an Improper Input Validation issue. Public references in the connected documents confirm affected versions and provide remediation guidance: u...
CVE-2018-11054
CVE-2018-11054 affects RSA BSAFE Micro Edition Suite (MES) 4.1.6. An integer overflow vulnerability exists in the MES ASN.1 processing, allowing a remote attacker to trigger a Denial of Service by sending maliciously constructed ASN.1 data. The provided documents confirm the vulnerability details...
CVE-2018-11057
CVE-2018-11057 affects Dell EMC RSA BSAFE Micro Edition Suite (MES) versions before 4.0.11 (in 4.0.x) and before 4.1.6.1 (in 4.1.x). The vulnerability is a covert timing channel during RSA decryption, i.e., Bleichenbacher-style timing leakage, enabling a remote attacker to recover an RSA key. The...
CVE-2020-14655
CVE-2020-14655 affects Oracle Security Service (SSL API) in Oracle Fusion Middleware. Affected versions are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. The vulnerability allows unauthenticated attackers over HTTPS to access/modify Oracle Security Service data with C:H I:L, per CVSSv3.1 base metrics (Network, high attac...
CVE-2018-2765
CVE-2018-2765 affects Oracle Fusion Middleware’s Security Service component (subcomponent: Oracle SSL API). Affected are 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. The vulnerability allows an unauthenticated attacker with network access via HTTPS to access Oracle Security Service data, po...
CVE-2017-10166
CVE-2017-10166 affects Oracle Fusion Middleware’s Oracle Security Service (subcomponent: Oracle SSL API). Vulnerable versions: Oracle Fusion Middleware 11.1.1.9.0 and 12.1.3.0.0. The issue allows an unauthenticated, network-accessible attacker over HTTPS to compromise the Oracle Security Service,...
CVE-2020-14530
CVE-2020-14530 affects Oracle Security Service in Oracle Fusion Middleware (11.1.1.9.0). Description: unauthenticated attacker over HTTPS can access data within Oracle Security Service, indicating a confidentiality impact. CVSSv3.1 base score 5.9 (C:H, A:N) with network attack vector and high att...