Lucene search
K

11 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 8:7 p.m.10 views

Security Bulletin: IBM i is Affected By NULL Pointer Dereference, Use Afer Free, and Out-of-Bounds Write Vulnerabilities in OpenSSL [CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-28387, CVE-2026-31789]

Summary OpenSSL for IBM i is vulnerable to NULL pointer derefences when processing either a delta CRL indicator extension CVE-2026-28388 or CMS EnvelopedData message with KeyAgreeRecipientInfo CVE-2026-28389, CVE-2026-28390, and use after free when using DANE TLSA-based server authentication...

9.8CVSS8.7AI score0.00885EPSS
Exploits0Affected Software5
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

SUSE SLED15: libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-32bit / etc (SUSE-SU-2026:1386-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1386-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer...

9.8CVSS7.5AI score0.00885EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.3 views

SUSE SLES15 / openSUSE 15 Security Update : openssl-1_0_0 (SUSE-SU-2026:1291-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1291-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference...

9.8CVSS7.6AI score0.00981EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.7 views

Photon OS 5.0: Openssl PHSA-2026-5.0-0810

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0810. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.7AI score0.00981EPSS
Exploits0References7
OSV
OSV
added 2026/04/09 1:49 a.m.5 views

BELL-CVE-2026-31789

Bulletin has no description...

9.8CVSS5.7AI score0.00225EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2026/04/09 12:0 a.m.6 views

Ubuntu: Security Advisory (USN-8155-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.9AI score0.00981EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/04/08 12:27 p.m.8 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

7.3CVSS6.2AI score0.00981EPSS
Exploits0References20
Ubuntu
Ubuntu
added 2026/04/08 11:57 a.m.8 views

USN-8155-1: OpenSSL vulnerabilities

Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 server. This could result in a less preferred key exchange being used, contrary to expectations. This issue only affected Ubuntu 25.10. CVE-2026-2673 Igor Morgenstern...

9.8CVSS6.2AI score0.00981EPSS
Exploits0
Circl
Circl
added 2026/04/07 11:31 p.m.4 views

CVE-2026-31789

creationtimestamp| type| source ---|---|--- 2026-04-07 23:31:27+00:00| seen| https://bsky.app/profile/omo.bsky.social/post/3miwwr7vxwk2o 2026-04-08 12:10:24+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3miyb6guojc23 2026-04-09 00:01:15+00:00| seen|...

9.8CVSS7.2AI score0.00225EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/04/07 10:0 p.m.2 views

CVE-2026-31789

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

9.8CVSS6.5AI score0.00225EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-31789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A...

9.8CVSS8.6AI score0.00225EPSS
Exploits0References3
Rows per page
Query Builder