An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renego

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPar

In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sourc

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL

There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms

Cross-site scripting (XSS) vulnerability in Tenable Log Correlation Engine (aka LCE) before 4.8.1 allows remote authenticated user

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in un