CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2022/11/11 12:0 a.m.•26 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Vulnerability (NS-SA-2022-0079)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a...

Tenable Nessus•added 2022/09/06 12:0 a.m.•31 views

Exploits5References3

Amazon Linux 2022 : openssl1.1 (ALAS2022-2022-105)

The version of openssl1.1 installed on the remote host is prior to 1.1.1l-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-105 advisory. The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed b...

Tenable Nessus•added 2022/07/15 12:0 a.m.•331 views

Exploits5References3

Amazon Linux 2 : openssl11 (ALAS-2022-1815)

The version of openssl11 installed on the remote host is prior to 1.1.1g-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1815 advisory. The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by...

Tenable Nessus•added 2022/07/08 12:0 a.m.•38 views

Exploits5References3

EulerOS 2.0 SP9 : openssl (EulerOS-SA-2022-2007)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating...

Tenable Nessus•added 2022/07/08 12:0 a.m.•333 views

SUSE SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2022:2321-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2321-1 advisory. - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by so...

10CVSS7.5AI score0.38894EPSS

Exploits6References7

Amazon•added 2022/07/07 12:0 a.m.•44 views

Medium: openssl

Issue Overview: The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the...

10CVSS7.6AI score0.38894EPSS

Tenable Nessus•added 2022/06/28 12:0 a.m.•52 views

Slackware Linux 14.2 openssl Multiple Vulnerabilities (SSA:2022-179-03)

The version of openssl installed on the remote host is prior to 1.0.2u. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-179-03 advisory. - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distribut...

10CVSS7.4AI score0.38894EPSS

Exploits6References3

Fedora•added 2022/06/23 12:41 a.m.•74 views

[SECURITY] Fedora 36 Update: openssl1.1-1.1.1o-1.fc36

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases...

9.8CVSS4.1AI score0.38894EPSS

OpenVAS•added 2022/06/22 12:0 a.m.•13 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-1943)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.38894EPSS

Tenable Nessus•added 2022/06/22 12:0 a.m.•41 views

EulerOS 2.0 SP8 : compat-openssl10 (EulerOS-SA-2022-1924)

According to the versions of the compat-openssl10 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some...

10CVSS7.1AI score0.38894EPSS

Tenable Nessus•added 2022/06/22 12:0 a.m.•53 views

EulerOS 2.0 SP8 : openssl (EulerOS-SA-2022-1943)

Tenable Nessus•added 2022/06/15 12:0 a.m.•38 views

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2022:2068-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2068-1 advisory. - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some...

GithubExploit•added 2022/05/30 4:59 p.m.•1362 views

Exploits5References5

Exploit for OS Command Injection in Siemens Brownfield_Connectivity_Gateway

PoC exploit for CVE-2022-1292, an OpenSSL crehash vulnerability...

10CVSS6.8AI score0.38894EPSS

Tenable Nessus•added 2022/05/18 12:0 a.m.•73 views

Debian DSA-5139-1 : openssl - security update

The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5139 advisory. Elison Niven discovered that the crehash script included in OpenSSL did not sanitise shell meta characters which could result in the execution of arbitrary commands...

10CVSS7.1AI score0.38894EPSS

Exploits5References6

Tenable Nessus•added 2022/05/04 12:0 a.m.•46 views

Slackware Linux 14.2 / 15.0 / current openssl Vulnerability (SSA:2022-124-02)

The version of openssl installed on the remote host is prior to 1.0.2u / 1.1.1o. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-124-02 advisory. - The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distribut...