Vulmon Recent Vulnerabilities Trends Blog About Contact

secure global desktop vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2002-0012
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into...
Snmp Snmp
NA
CVE-2002-0013
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test...
Snmp Snmp
7.5
CVSSv3
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by...
Openssl OpensslFilezilla-project Filezilla ServerSiemens Application Processing Engine Firmware 2.0Siemens Cp 1543-1 Firmware 1.1Siemens Simatic S7-1500 Firmware 1.5Siemens Simatic S7-1500t Firmware 1.5Siemens Elan-8.2Siemens Wincc Open Architecture 3.12Intellian V100 Firmware 1.20Intellian V100 Firmware 1.21Intellian V100 Firmware 1.24Intellian V60 Firmware 1.15Intellian V60 Firmware 1.25Mitel Micollab 6.0Mitel Micollab 7.0Mitel Micollab 7.1Mitel Micollab 7.2Mitel Micollab 7.3Mitel Micollab 7.3.0.104Mitel Mivoice 1.1.2.5Mitel Mivoice 1.1.3.3Mitel Mivoice 1.2.0.11Mitel Mivoice 1.3.2.2Mitel Mivoice 1.4.0.102Opensuse Opensuse 12.3Opensuse Opensuse 13.1Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 12.10Canonical Ubuntu Linux 13.10Fedoraproject Fedora 19Fedoraproject Fedora 20Redhat Gluster Storage 2.1Redhat Storage 2.1Redhat Virtualization 6.0Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Server Aus 6.5Redhat Enterprise Linux Server Eus 6.5Redhat Enterprise Linux Server Tus 6.5Redhat Enterprise Linux Workstation 6.0Debian Debian Linux 6.0Debian Debian Linux 7.0Debian Debian Linux 8.0
NA
CVE-2015-1790
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses...
Openssl OpensslOpenssl Openssl 1.0.0Openssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.0pOpenssl Openssl 1.0.0qOpenssl Openssl 1.0.0rOpenssl Openssl 1.0.1Openssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1kOpenssl Openssl 1.0.1lOpenssl Openssl 1.0.1mOpenssl Openssl 1.0.2Openssl Openssl 1.0.2a
NA
CVE-2015-1791
Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and...
Openssl OpensslOpenssl Openssl 1.0.0Openssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.0pOpenssl Openssl 1.0.0qOpenssl Openssl 1.0.0rOpenssl Openssl 1.0.1Openssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1kOpenssl Openssl 1.0.1lOpenssl Openssl 1.0.1mOpenssl Openssl 1.0.2Openssl Openssl 1.0.2a
NA
CVE-2015-1792
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as...
Openssl OpensslOpenssl Openssl 1.0.0Openssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.0pOpenssl Openssl 1.0.0qOpenssl Openssl 1.0.0rOpenssl Openssl 1.0.1Openssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1kOpenssl Openssl 1.0.1lOpenssl Openssl 1.0.1mOpenssl Openssl 1.0.2Openssl Openssl 1.0.2a
7.5
CVSSv3
CVE-2015-1789
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in...
Openssl OpensslOpenssl Openssl 1.0.0Openssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.0pOpenssl Openssl 1.0.0qOpenssl Openssl 1.0.0rOpenssl Openssl 1.0.1Openssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1kOpenssl Openssl 1.0.1lOpenssl Openssl 1.0.1mOpenssl Openssl 1.0.2Openssl Openssl 1.0.2aOracle Sparc-opl Service Processor
NA
CVE-2015-1788
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote...
Openssl OpensslOpenssl Openssl 1.0.0Openssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.0pOpenssl Openssl 1.0.0qOpenssl Openssl 1.0.0rOpenssl Openssl 1.0.1Openssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1kOpenssl Openssl 1.0.1lOpenssl Openssl 1.0.1mOpenssl Openssl 1.0.2Openssl Openssl 1.0.2a
NA
CVE-2014-8176
The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS...
Openssl OpensslOpenssl Openssl 1.0.0Openssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.1Openssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1g
NA
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4...
Apache Http ServerGnu GnutlsMicrosoft Internet Information Server 7.0Mozilla NssOpenssl OpensslOpenssl Openssl 1.0Canonical Ubuntu Linux 8.04Canonical Ubuntu Linux 8.10Canonical Ubuntu Linux 9.04Canonical Ubuntu Linux 9.10Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 10.10Debian Debian Linux 4.0Debian Debian Linux 5.0Debian Debian Linux 6.0Debian Debian Linux 7.0Debian Debian Linux 8.0Fedoraproject Fedora 11Fedoraproject Fedora 12Fedoraproject Fedora 13Fedoraproject Fedora 14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalationTCPCVE-2020-4865CVE-2021-3297CVE-2018-15473CVE-2021-3317CVE-2021-23240denial of serviceCVE-2020-16107