Vulnerability & Exploit Database

Displaying entries 1 - 10 of 15 in total

Results for: CVE-2015-7940 Back to search

Ubuntu: USN-3727-1 (CVE-2015-7940): Bouncy Castle vulnerabilities Vulnerability

  • Severity: 5
  • Published: November 09, 2015

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

SUSE: CVE-2015-7940: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: November 09, 2015

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

Oracle WebLogic: CVE-2015-7940 : Critical Patch Update Vulnerability

  • Severity: 5
  • Published: November 09, 2015

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

Debian: CVE-2015-7940: bouncycastle -- security update Vulnerability

  • Severity: 5
  • Published: November 09, 2015

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

USN-2476-1: Oxide vulnerabilities Vulnerability

  • Severity: 8
  • Published: January 22, 2015

Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

SUSE: CVE-2014-7940: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: January 22, 2015

The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted charac...

Oracle Solaris 11: CVE-2014-7940: Vulnerability in Localization (L10N) Vulnerability

  • Severity: 8
  • Published: January 22, 2015

The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted charac...

RHSA-2015:0093: chromium-browser security update Vulnerability

  • Severity: 8
  • Published: January 22, 2015

Chromium is an open-source web browser, powered by WebKit (Blink).Several flaws were found in the processing of malformed web content. A webpage containing malicious content could cause Chromium to crash or,potentially, execute arbitrary code with the privileges of the user runningChromium. (CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, C...

Google Chrome Vulnerability: CVE-2014-7940 Vulnerability

  • Severity: 8
  • Published: January 22, 2015

The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted charac...

Gentoo Linux: CVE-2014-7940: ICU: Multiple Vulnerabilities Vulnerability

  • Severity: 8
  • Published: January 22, 2015

The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted charac...