CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0CVE-2015-3193 – OpenSSL Security Advisory 20171102
https://notcve.org/view.php?id=CVE-2015-3193
03 Dec 2015 — The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite. La implementación de exponenciación al cuadrado de Montgomery en crypto/bn/asm/x86_64-mont5.pl e... • http://fortiguard.com/advisory/openssl-advisory-december-2015 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2015-6764 – v8: unspecified out-of-bounds access vulnerability
https://notcve.org/view.php?id=CVE-2015-6764
03 Dec 2015 — The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code. La función BasicJsonStringifier::SerializeJSArray en json-stringifier.h en el stringifier JSON en Google V8, como se utiliza en Google Chrome en versiones anteri... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •