|Max CVSS||7.2||Min CVSS||4.3||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.3
|16-10-2019 - 18:15||29-04-2019 - 15:29|
A flaw was found in 389-ds-base before version 22.214.171.124-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.
|09-10-2019 - 23:35||14-09-2018 - 19:29|
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in
|03-10-2019 - 00:03||02-02-2018 - 14:29|
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
|31-05-2019 - 14:29||13-06-2018 - 16:29|
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6
|21-03-2019 - 16:00||25-09-2018 - 21:29|