CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2017-8978 – HPE Security Bulletin HPESBMU03806 1
https://notcve.org/view.php?id=CVE-2017-8978
18 Jan 2018 — A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Products version MFA 4.0 proxy was found. SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01 y S4FND 1.02, no valida suficientemente y/o codifica los campos ocultos, lo que resulta en una vulnerabilidad de Cross-Site Scripting (XSS). A potential security vulnerability has been identified in HPE IceWall Products. The vulnerability could be exploited remotely resulting in unauthorized disclosure of information or unauthori... • https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03806en_us • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 10%CPEs: 51EXPL: 0CVE-2016-6306 – openssl: certificate message OOB reads
https://notcve.org/view.php?id=CVE-2016-6306
22 Sep 2016 — The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. El analizador certificado en OpenSSL en versiones anteriores a 1.0.1u y 1.0.2 en versiones anteriores a 1.0.2i podría permitir a atacantes remotos provocar una denegación de servicio (lectura fuera de rango) a través de operaciones certificadas manipuladas, relacionado con s3_clnt.c y s3_... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 36%CPEs: 38EXPL: 0CVE-2016-2182 – openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()
https://notcve.org/view.php?id=CVE-2016-2182
16 Sep 2016 — The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. La función BN_bn2dec en crypto/bn/bn_print.c en OpenSSL en versiones anteriores a 1.1.0 no valida adecuadamente resultados de la división, lo que permite a atacantes remotos provocar una denegación de servicio (escritura fuera de ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-391: Unchecked Error Condition CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 33%CPEs: 39EXPL: 0CVE-2016-2177 – openssl: Possible integer overflow vulnerabilities in codebase
https://notcve.org/view.php?id=CVE-2016-2177
20 Jun 2016 — OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. OpenSSL hasta la versión 1.0.2h no utiliza correctamente la aritmética de puntero para comprobaciones de límites de buffer de memoria dinámica, lo que podría permitir a atacantes remo... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2014-2604 – HP Security Bulletin HPSBGN03007
https://notcve.org/view.php?id=CVE-2014-2604
20 May 2014 — Unspecified vulnerability in HP IceWall SSO 10.0 Dfw and IceWall MCRP 2.1 and 3.0 allows remote attackers to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP IceWall SSO 10.0 Dfw y IceWall MCRP 2.1 y 3.0 permite a atacantes remotos causar una denegación de servicio a través de vectores desconocidos. A potential security vulnerability has been identified with HP IceWall MCRP and HP IceWall SSO. The vulnerability could be exploited remotely resulting in a Denial of Service (... • http://www.securitytracker.com/id/1030264 •