CVE-2015-7547
- EPSS 93.42%
- Published 18.02.2016 21:59:00
- Last modified 12.04.2025 10:46:40
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrar...
CVE-2015-3197
- EPSS 18.01%
- Published 15.02.2016 02:59:01
- Last modified 12.04.2025 10:46:40
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 tra...
CVE-2015-3195
- EPSS 3.48%
- Published 06.12.2015 20:59:05
- Last modified 12.04.2025 10:46:40
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to ob...
- EPSS 85.45%
- Published 28.01.2015 19:59:00
- Last modified 12.04.2025 10:46:40
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu...