openssl vulnerabilities and exploits

NA
CVE-2019-2786

Oracle Java SE/Java SE Embedded CVE-2019-2786 Remote Security Vulnerability...

NA
CVE-2019-2816

An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Networking component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact....

NA
CVE-2019-2842

An unspecified vulnerability in Oracle Java SE related to the Java SE JCE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors....

6.4
CVSSv2
CVE-2019-3862

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client...

NA
CVE-2019-2745

Oracle Java SE CVE-2019-2745 Local Security Vulnerability...

NA
CVE-2019-2762

Oracle Java SE/Java SE Embedded CVE-2019-2762 Remote Security Vulnerability...

6.4
CVSSv2
CVE-2019-3858

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory....

6.4
CVSSv2
CVE-2019-3861

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client...

4.3
CVSSv2
CVE-2018-14567

libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251....

NA
CVE-2018-14373

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none....