USN-6632-1: OpenSSL vulnerabilities - Cyber Security News

Read Time:21 Second

David Benjamin discovered that OpenSSL incorrectly handled excessively long
X9.42 DH keys. A remote attacker could possibly use this issue to cause
OpenSSL to consume resources, leading to a denial of service.
(CVE-2023-5678)

Bahaa Naamneh discovered that OpenSSL incorrectly handled certain malformed
PKCS12 files. A remote attacker could possibly use this issue to cause
OpenSSL to crash, resulting in a denial of service. (CVE-2024-0727)

More Stories

Business Logic Flaw: Price Manipulation – AlegroCartv1.2.9

Posted by Andrey Stoykov on Apr 23 # Exploit Title: Business Logic Flaw: Price Manipulation - alegrocartv1.2.9 # Date: 04/2025...

Stored XSS in “Message” Functionality – AlegroCartv1.2.9

Posted by Andrey Stoykov on Apr 23 # Exploit Title: Stored XSS in "Message" Functionality - alegrocartv1.2.9 # Date: 04/2025...

XSS via SVG Image Upload – AlegroCartv1.2.9

Posted by Andrey Stoykov on Apr 23 # Exploit Title: XSS via SVG Image Upload - alegrocartv1.2.9 # Date: 04/2025...

BBOT 2.1.0 – Local Privilege Escalation via Malicious Module Execution

Posted by Housma mardini on Apr 23 Hi Full Disclosure, I'd like to share a local privilege escalation technique involving...

USN-7454-1: libarchive vulnerabilities

It was discovered that the libarchive bsdunzip utility incorrectly handled certain ZIP archive files. If a user or automated system...

USN-7453-1: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...