CVSS: 9.8EPSS: 12%CPEs: 2EXPL: 2CVE-2015-5334 – Apple Security Advisory 2018-10-30-9
https://notcve.org/view.php?id=CVE-2015-5334
18 Oct 2015 — Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an incorrect fix for CVE-2014-3508. Un error por un paso en la función OBJ_obj2txt en LibreSSL versiones anteriores a 2.3.1, permite a atacantes remotos causar una denegación de servicio (bloqueo del programa) o posi... • http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9424
https://notcve.org/view.php?id=CVE-2014-9424
29 Dec 2014 — Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a certain length-verification error during processing of a DTLS handshake. Doble vulnerabilidad de liberación en la función ssl_parse_clienthello_use_srtp_ext en d1_srtp.c en LibreSSL anterior a 2.1.2 permite a atacantes remotos causar una denegación de servicio o la posibilidad de tener... • https://code.google.com/p/google-security-research/issues/detail?id=202 •