Note: This list may be incomplete. Data is provided without warranty in its original format.
6.5
CVE-2015-3238
- EPSS 3.61%
- Published 24.08.2015 14:59:04
- Last modified 12.04.2025 10:46:40
The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
7.5
CVE-2015-1789
- EPSS 3.91%
- Published 12.06.2015 19:59:02
- Last modified 12.04.2025 10:46:40
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a cr...
4.3
CVE-2015-4000
- EPSS 94.03%
- Published 21.05.2015 00:59:00
- Last modified 12.04.2025 10:46:40
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a Clie...