| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-3194 | 5.0 |
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function p
|
13-12-2022 - 12:15 | 06-12-2015 - 20:59 | |
| CVE-2015-3195 | 5.0 |
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to ob
|
13-12-2022 - 12:15 | 06-12-2015 - 20:59 | |
| CVE-2016-0799 | 10.0 |
The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have uns
|
13-12-2022 - 12:15 | 03-03-2016 - 20:59 | |
| CVE-2016-0705 | 10.0 |
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other imp
|
13-12-2022 - 12:15 | 03-03-2016 - 20:59 | |
| CVE-2011-4969 | 4.3 |
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
|
16-04-2019 - 18:29 | 08-03-2013 - 22:55 | |
| CVE-2015-7995 | 5.0 |
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue. <a href="http://cwe.mitr
|
08-03-2019 - 16:06 | 17-11-2015 - 15:59 | |
| CVE-2015-8035 | 2.6 |
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
|
08-03-2019 - 16:06 | 18-11-2015 - 16:59 | |
| CVE-2015-3237 | 6.4 |
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
|
17-10-2018 - 01:29 | 22-06-2015 - 19:59 | |
| CVE-2007-6750 | 5.0 |
The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15.
|
10-01-2018 - 02:29 | 27-12-2011 - 18:55 | |
| CVE-2016-2842 | 10.0 |
The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memo
|
05-01-2018 - 02:30 | 03-03-2016 - 20:59 | |
| CVE-2016-2015 | 6.6 |
HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors.
|
01-12-2016 - 03:08 | 14-05-2016 - 15:59 |