Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
High

CVE-2014-0160 (AKA: Heartbleed)

Disclosure Date: April 07, 2014 (last updated November 08, 2023)
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
Attacker Value
Unknown

CVE-2014-0964

Disclosure Date: May 16, 2014 (last updated October 05, 2023)
IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.
0
Attacker Value
Unknown

CVE-2014-2601

Disclosure Date: April 24, 2014 (last updated October 05, 2023)
The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool.
0