|Max CVSS||6.8||Min CVSS||5.0||Total Count||6|
|ID||CVSS||Summary||Last (major) update||Published|
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-c
|01-08-2018 - 12:29||01-08-2018 - 12:29|
It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired g
|01-08-2018 - 09:29||01-08-2018 - 09:29|
A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests.
|31-07-2018 - 15:29||31-07-2018 - 15:29|
A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an
|30-07-2018 - 12:29||30-07-2018 - 12:29|
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissio
|24-07-2018 - 11:29||24-07-2018 - 11:29|
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate is not about any specific product, protocol, or design, that falls into the scope of the assigning CNA. Notes: None.
|16-07-2018 - 15:29||16-07-2018 - 15:29|