CVE-2021-41991
- EPSS 2.33%
- Published 18.10.2021 14:15:10
- Last modified 21.11.2024 06:27:02
The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less...
CVE-2021-3449
- EPSS 13.18%
- Published 25.03.2021 15:15:13
- Last modified 21.11.2024 06:21:33
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but incl...
CVE-2020-27827
- EPSS 0.42%
- Published 18.03.2021 17:15:13
- Last modified 21.11.2024 05:21:53
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerabilit...
CVE-2020-9272
- EPSS 0.77%
- Published 20.02.2020 16:15:11
- Last modified 21.11.2024 05:40:19
ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
- EPSS 52.27%
- Published 20.02.2020 16:15:11
- Last modified 21.11.2024 05:40:19
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.