Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

rsa access manager agent vulnerabilities and exploits

(subscribe to this query)
6.8
CVSSv2
CVE-2012-2281
EMC RSA Access Manager Server 6.x prior to 6.1 SP4 and RSA Access Manager Agent do not properly validate session tokens after a logout, which might allow remote malicious users to conduct replay attacks via unspecified vectors.
Rsa Access Manager Server 6.1Rsa Access Manager AgentRsa Access Manager Server 6.0
5.7
CVSSv2
CVE-2010-3017
Unspecified vulnerability in RSA Access Manager Agent 4.7.1 prior to 4.7.1.7, when RSA Adaptive Authentication Integration is enabled, allows remote malicious users to bypass authentication and obtain sensitive information via unknown vectors.
Rsa Access Manager Agent 4.7.1
7.5
CVSSv2
CVE-2005-1471
Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote malicious users to execute arbitrary code via crafted chunked-encoding data.
Rsa Securid Web Agent 5Rsa Securid Web Agent 5.2Rsa Securid Web Agent 5.3
NA
CVE-2022-20866
A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to retrieve an RSA private key. This vulnerability is due to a l...
Cisco Adaptive Security Appliance SoftwareCisco Firepower Threat Defense
NA
CVE-2023-20107
A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls c...
Cisco Adaptive Security ApplianceCisco Firepower Threat Defense
5
CVSSv2
CVE-2019-1715
A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user t...
Cisco Firepower Threat DefenseCisco Adaptive Security Appliance Device Manager
5
CVSSv2
CVE-2022-0778
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Santricity Smi-s Provider -Netapp Storagegrid -Netapp Clustered Data Ontap -Netapp Clustered Data Ontap Antivirus Connector -Netapp Cloud Volumes Ontap Mediator -Netapp A250 Firmware -Netapp 500f Firmware -Fedoraproject Fedora 34Fedoraproject Fedora 36Tenable NessusMariadb MariadbNodejs Node.js
4.3
CVSSv2
CVE-2020-1971
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This functi...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 32Fedoraproject Fedora 33Oracle Api Gateway 11.1.2.4.0Oracle Peoplesoft Enterprise Peopletools 8.56Oracle Business Intelligence 12.2.1.3.0Oracle Peoplesoft Enterprise Peopletools 8.57Oracle Jd Edwards World Security A9.4Oracle Business Intelligence 12.2.1.4.0Oracle Enterprise Manager Base Platform 13.3.0.0Oracle Business Intelligence 5.5.0.0.0Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Enterprise Manager Base Platform 13.4.0.0Oracle Http Server 12.2.1.4.0Oracle Enterprise Manager For Storage Management 13.4.0.0Oracle Enterprise Manager Ops Center 12.4.0.0Oracle MysqlOracle Graalvm 19.3.4Oracle Graalvm 20.3.0Oracle Essbase 21.2
5
CVSSv2
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
4.3
CVSSv2
CVE-2015-0208
The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to...
Openssl Openssl 1.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook