Vulnerabilities (CVE)

Filtered by vendor Siemens Subscribe
Filtered by product Cp 1543-1
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41991 4 Debian, Fedoraproject, Siemens and 1 more 46 Debian Linux, Fedora, Cp 1543-1 and 43 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility.
CVE-2014-0160 13 Broadcom, Canonical, Debian and 10 more 35 Symantec Messaging Gateway, Ubuntu Linux, Debian Linux and 32 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.