Skip to main content
CVE-2016-2181 HIGH Act Now

The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 24.3% and no vendor patch available.

Denial Of Service OpenSSL Linux
NVD
CVSS 3.0
7.5
EPSS
24.3%
CVE-2016-2179 HIGH Act Now

The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.3% and no vendor patch available.

Denial Of Service OpenSSL Linux
NVD
CVSS 3.0
7.5
EPSS
18.3%
CVE-2016-6302 HIGH PATCH Act Now

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.4%.

Denial Of Service OpenSSL Linux Solaris
NVD
CVSS 3.0
7.5
EPSS
10.4%
CVE-2016-6936 HIGH This Week

Adobe AIR SDK & Compiler before 23.0.0.257 on Windows does not support Android runtime-analytics transport security, which might allow remote attackers to obtain sensitive information by leveraging. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Google Information Disclosure Microsoft Air Sdk Compiler
NVD
CVSS 3.0
7.5
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy