IDCVSSSummaryLast (major) updatePublished
CVE-2019-1559 4.3
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid
27-02-2019 - 18:29 27-02-2019 - 18:29
CVE-2018-18314 7.5
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
07-12-2018 - 16:29 07-12-2018 - 16:29
CVE-2018-18313 6.4
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
07-12-2018 - 16:29 07-12-2018 - 16:29
CVE-2018-18311 7.5
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
07-12-2018 - 16:29 07-12-2018 - 16:29
CVE-2018-18312 7.5
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
05-12-2018 - 17:29 05-12-2018 - 17:29
CVE-2018-0735 4.3
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in Ope
29-10-2018 - 14:29 29-10-2018 - 09:29
CVE-2018-12015 6.4
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
07-06-2018 - 09:29 07-06-2018 - 09:29
CVE-2016-8610 5.0
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL ser
13-11-2017 - 17:29 13-11-2017 - 17:29
CVE-2015-8544 5.0
NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors.
24-02-2017 - 13:50 07-02-2017 - 12:59
Back to Top Mark selected
Back to Top