CVE-2021-23840
- EPSS 0.57%
- Veröffentlicht 16.02.2021 17:15:13
- Zuletzt bearbeitet 21.11.2024 05:51:55
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value ...
CVE-2021-23841
- EPSS 0.67%
- Veröffentlicht 16.02.2021 17:15:13
- Zuletzt bearbeitet 21.11.2024 05:51:55
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while...
CVE-2020-1971
- EPSS 0.34%
- Veröffentlicht 08.12.2020 16:15:11
- Zuletzt bearbeitet 21.11.2024 05:11:45
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they...
CVE-2020-5794
- EPSS 0.05%
- Veröffentlicht 06.11.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 05:34:36
A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and 5.12.0 for Windows could allow an authenticated local attacker to execute arbitrary code by copying user-supplied files to a specially constructed path in a specifically named use...