David Benjamin discovered that OpenSSL incorrectly handled X.400 address
processing. A remote attacker could possibly use this issue to read
arbitrary memory contents or cause OpenSSL to crash, resulting in a denial
of service. (CVE-2023-0286)
Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly
handled streaming ASN.1 data. A remote attacker could use this issue to
cause OpenSSL to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-0215)
More Stories
WP Engine Reprieve
I’ve heard from WP Engine customers that they are frustrated that WP Engine hasn’t been able to make updates, plugin...
aws-2020-12.1.fc39
FEDORA-2024-d940f25a53 Packages in this update: aws-2020-12.1.fc39 Update description: CVE-2024-41708: Ada Web Server did not use a cryptographically secure pseudorandom number...
aws-2020-16.1.fc40
FEDORA-2024-63f98f8c60 Packages in this update: aws-2020-16.1.fc40 Update description: CVE-2024-41708: Ada Web Server did not use a cryptographically secure pseudorandom number...
Ivanti Virtual Traffic Manager (vTM ) Authentication Bypass Vulnerability (CVE-2024-7593)
What is the Vulnerability?Ivanti Virtual Traffic Manager (vTM), a software application used to manage and optimize the delivery of applications...
ZDI-24-1310: Lenovo Service Bridge Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Lenovo Service Bridge. User interaction is required...