The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Tuxedo

OpenSSL 1.1: three vulnerabilities
An attacker can use several vulnerabilities of OpenSSL 1.1...
2004036, 2004940, 2011567, 492284, 492616, bulletinapr2017, CERTFR-2018-AVI-343, cisco-sa-20161114-openssl, cpuapr2019, cpujan2018, cpujul2017, CVE-2016-7053, CVE-2016-7054, CVE-2016-7055, ESA-2016-148, ESA-2016-149, FG-IR-17-019, JSA10775, JSA10990, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2017:0527-1, openSUSE-SU-2017:0941-1, openSUSE-SU-2018:0458-1, SA40423, VIGILANCE-VUL-21093
Apache Commons FileUpload: read-write access
An attacker can bypass access restrictions of Apache Commons FileUpload, in order to read or alter files...
2009844, 2011428, 2011689, 528262, 7018113, 7043863, 7048591, CERTFR-2018-AVI-531, cisco-sa-20181107-struts-commons-fileupload, cpuapr2019, cpuapr2020, cpujan2019, cpujan2021, cpujul2019, cpujul2020, cpuoct2019, CVE-2016-1000031, DSA-2018-210, openSUSE-SU-2019:1399-1, SUSE-SU-2019:1212-2, SUSE-SU-2019:1214-1, SUSE-SU-2019:14044-1, TRA-2016-12, VIGILANCE-VUL-20892, ZDI-16-570
OpenSSL 1.0.2i: NULL pointer dereference via CRL
An attacker can force a NULL pointer to be dereferenced via a CRL on an application linked to OpenSSL 1.0.2i, in order to trigger a denial of service...
1996096, 2000095, 2000209, 2003480, 2003620, 2003673, 2008828, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, cpuoct2017, CVE-2016-7052, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FreeBSD-SA-16:27.openssl, HPESBHF03856, JSA10759, openSUSE-SU-2016:2496-1, openSUSE-SU-2018:0458-1, SA132, SB10171, SP-CAAAPUE, SPL-129207, SSA:2016-270-01, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, SUSE-SU-2019:14246-1, TNS-2016-16, VIGILANCE-VUL-20701
OpenSSL 1.1.0a: use after free via TLS
An attacker can force the usage of a freed memory area via TLS on an application linked to OpenSSL 1.1.0a, in order to trigger a denial of service, and possibly to run code...
1996096, 2000095, 2000209, 2003480, 2003620, 2003673, 2008828, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, CVE-2016-6309, HPESBHF03856, JSA10759, SA132, TNS-2016-16, VIGILANCE-VUL-20700
OpenSSL: seven vulnerabilities
An attacker can use several vulnerabilities of OpenSSL...
1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1992681, 1993777, 1996096, 1999395, 1999421, 1999474, 1999478, 1999479, 1999488, 1999532, 2000095, 2000209, 2000544, 2002870, 2003480, 2003620, 2003673, 2008828, bulletinapr2017, bulletinjul2016, bulletinoct2016, CERTFR-2016-AVI-320, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpuapr2018, cpujan2017, cpujan2018, cpujan2020, cpujul2017, cpujul2019, cpujul2020, cpuoct2017, cpuoct2020, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, DLA-637-1, DSA-2020-062, DSA-3673-1, DSA-3673-2, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FG-IR-16-047, FG-IR-16-048, FG-IR-17-127, FreeBSD-SA-16:26.openssl, HPESBHF03856, HT207423, JSA10759, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2496-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2018:0458-1, RHSA-2016:1940-01, RHSA-2016:2802-01, RHSA-2017:1548-01, RHSA-2017:1549-01, RHSA-2017:1550-01, RHSA-2017:1551-01, RHSA-2017:1552-01, RHSA-2017:1658-01, RHSA-2017:1659-01, RHSA-2017:2493-01, RHSA-2017:2494-01, SA132, SA40312, SB10171, SB10215, SOL54211024, SOL90492697, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, STORM-2016-005, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, SUSE-SU-2019:14246-1, TNS-2016-16, USN-3087-1, USN-3087-2, VIGILANCE-VUL-20678
Blowfish, Triple-DES: algorithms too weak, SWEET32
An attacker can create a TLS/VPN session with a Blowfish/Triple-DES algorithm, and perform a two days attack, in order to decrypt data...
1610582, 1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1992681, 1993777, 1994375, 1995099, 1995922, 1998797, 1999054, 1999421, 2000209, 2000212, 2000370, 2000544, 2001608, 2002021, 2002335, 2002336, 2002479, 2002537, 2002870, 2002897, 2002991, 2003145, 2003480, 2003620, 2003673, 2004036, 2008828, 523628, 9010102, bulletinapr2017, c05349499, c05369403, c05369415, c05390849, CERTFR-2017-AVI-012, CERTFR-2019-AVI-049, CERTFR-2019-AVI-311, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, cpujan2020, cpujul2017, cpujul2019, cpujul2020, cpuoct2017, cpuoct2020, CVE-2016-2183, CVE-2016-6329, DSA-2018-124, DSA-2019-131, DSA-2020-072, DSA-3673-1, DSA-3673-2, FEDORA-2016-7810e24465, FEDORA-2016-dc2cb4ad6b, FG-IR-16-047, FG-IR-16-048, FG-IR-17-127, FG-IR-17-173, HPESBGN03697, HPESBGN03765, HPESBUX03725, HPSBGN03690, HPSBGN03694, HPSBHF03674, ibm10718843, java_jan2017_advisory, JSA10770, K13167034, KM03060544, NTAP-20160915-0001, openSUSE-SU-2016:2199-1, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2496-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2017:1638-1, openSUSE-SU-2018:0458-1, RHSA-2017:0336-01, RHSA-2017:0337-01, RHSA-2017:0338-01, RHSA-2017:3113-01, RHSA-2017:3114-01, RHSA-2017:3239-01, RHSA-2017:3240-01, RHSA-2018:2123-01, SA133, SA40312, SB10171, SB10186, SB10197, SB10215, SB10310, SOL13167034, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, SSA:2016-363-01, SSA-556833, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, SUSE-SU-2017:1444-1, SUSE-SU-2017:2838-1, SUSE-SU-2017:3177-1, SUSE-SU-2019:14246-1, SWEET32, TNS-2016-16, USN-3087-1, USN-3087-2, USN-3270-1, USN-3339-1, USN-3339-2, USN-3372-1, VIGILANCE-VUL-20473
OpenSSL: memory corruption via BN_bn2dec
An attacker can generate a memory corruption via BN_bn2dec() of OpenSSL, in order to trigger a denial of service, and possibly to run code...
1996096, 1999395, 1999421, 1999474, 1999478, 1999479, 1999488, 1999532, 2000095, 2000209, 2002870, 2003480, 2003620, 2003673, 2008828, bulletinapr2017, bulletinjul2016, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, cpuoct2017, CVE-2016-2182, DLA-637-1, DSA-3673-1, DSA-3673-2, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FG-IR-16-047, FG-IR-16-048, FG-IR-17-127, FreeBSD-SA-16:26.openssl, HPESBHF03856, JSA10759, K01276005, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2018:0458-1, RHSA-2016:1940-01, SA132, SA40312, SB10171, SB10215, SOL01276005, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, TNS-2016-16, USN-3087-1, USN-3087-2, VIGILANCE-VUL-20460
OpenSSL: denial of service via DTLS Window
An attacker can send a DTLS packet with a large sequence number to an application compiled with OpenSSL, in order to trigger a denial of service...
1996096, 1999395, 1999474, 1999478, 1999479, 1999488, 1999532, 2000095, 2003480, 2003620, 2003673, bulletinapr2017, bulletinjul2016, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, cpuoct2017, CVE-2016-2181, DLA-637-1, DSA-3673-1, DSA-3673-2, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FG-IR-16-047, FG-IR-16-048, FG-IR-17-127, FreeBSD-SA-16:26.openssl, JSA10759, K59298921, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2018:0458-1, RHSA-2016:1940-01, SA132, SB10215, SOL59298921, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, TNS-2016-16, USN-3087-1, USN-3087-2, VIGILANCE-VUL-20458
OpenSSL: denial of service via DTLS Reassembly
An attacker can send DTLS packets in the wrong order with missing packets to an application compiled with OpenSSL, in order to trigger a denial of service...
1996096, 1999395, 1999474, 1999478, 1999479, 1999488, 1999532, 2000095, 2003480, 2003620, 2003673, bulletinapr2017, bulletinjul2016, bulletinjul2018, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, cpuoct2017, CVE-2016-2179, DLA-637-1, DSA-3673-1, DSA-3673-2, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FG-IR-16-047, FG-IR-16-048, FG-IR-17-127, FreeBSD-SA-16:26.openssl, HPESBHF03856, JSA10759, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2018:0458-1, RHSA-2016:1940-01, SA132, SB10215, SOL23512141, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, TNS-2016-16, USN-3087-1, USN-3087-2, VIGILANCE-VUL-20457
Firefox, Thunderbird: multiple vulnerabilities
An attacker can use several vulnerabilities of Mozilla Firefox/Thunderbird...
2000347, CERTFR-2016-AVI-259, cpujul2018, CVE-2016-0718, CVE-2016-2830, CVE-2016-2835, CVE-2016-2836, CVE-2016-2837, CVE-2016-2838, CVE-2016-2839, CVE-2016-5250, CVE-2016-5251, CVE-2016-5252, CVE-2016-5253, CVE-2016-5254, CVE-2016-5255, CVE-2016-5258, CVE-2016-5259, CVE-2016-5260, CVE-2016-5261, CVE-2016-5262, CVE-2016-5263, CVE-2016-5264, CVE-2016-5265, CVE-2016-5266, CVE-2016-5267, CVE-2016-5268, DLA-585-1, DLA-640-1, DSA-3640-1, DSA-3686-1, FEDORA-2016-7dd68d253f, FEDORA-2016-e77b6d963a, FEDORA-2016-f8ae4ede46, MFSA-2016-62, MFSA-2016-63, MFSA-2016-64, MFSA-2016-65, MFSA-2016-66, MFSA-2016-67, MFSA-2016-68, MFSA-2016-69, MFSA-2016-70, MFSA-2016-71, MFSA-2016-72, MFSA-2016-73, MFSA-2016-74, MFSA-2016-75, MFSA-2016-76, MFSA-2016-77, MFSA-2016-78, MFSA-2016-79, MFSA-2016-80, MFSA-2016-81, MFSA-2016-82, MFSA-2016-83, MFSA-2016-84, openSUSE-SU-2016:1964-1, openSUSE-SU-2016:2026-1, openSUSE-SU-2016:2253-1, openSUSE-SU-2016:2254-1, openSUSE-SU-2016:2378-1, RHSA-2016:1551-01, RHSA-2016:1809-01, SSA:2016-219-02, SSA:2016-244-01, SUSE-SU-2016:2061-1, SUSE-SU-2016:2131-1, SUSE-SU-2016:2195-1, SUSE-SU-2019:2872-1, USN-3044-1, USN-3073-1, VIGILANCE-VUL-20294, ZDI-16-673
Our database contains other pages. You can request a free trial to read them.

Display information about Tuxedo: