cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2015-5291,https://securityvulnerability.io/vulnerability/CVE-2015-5291,,"Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name indication (SNI) extension, which is not properly handled when creating a ClientHello message.  NOTE: this identifier has been SPLIT per ADT3 due to different affected version ranges. See CVE-2015-8036 for the session ticket issue that was introduced in 1.3.0.",Arm,"Mbed Tls,Polarssl",,,0.01155999954789877,false,,false,false,false,,,false,false,,2015-11-02T19:00:00.000Z,0
CVE-2015-8036,https://securityvulnerability.io/vulnerability/CVE-2015-8036,,"Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the session ticket extension, which is not properly handled when creating a ClientHello message to resume a session.  NOTE: this identifier was SPLIT from CVE-2015-5291 per ADT3 due to different affected version ranges.",Arm,"Mbed Tls,Polarssl",,,0.011429999954998493,false,,false,false,false,,,false,false,,2015-11-02T19:00:00.000Z,0