Lucene search
K

142 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : openssl-1.1.1k-4.el8 (AXSA:2021-2623:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2623:05 advisory. openssl: integer overflow in CipherUpdate CVE-2021-23840 openssl: NULL pointer dereference in X509issuerandserialhash CVE-2021-23841 Tenable has...

7.5CVSS7.1AI score0.50732EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 2: openssl (TSSA-2023:0336)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0336 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

7.5CVSS6.6AI score0.50732EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2025/05/29 3:7 p.m.15 views

CVE-2021-23840 affecting package shim-unsigned-x64 for versions less than 1.1.1-1

CVE-2021-23840 affecting package shim-unsigned-x64 for versions less than 1.1.1-1. A patched version of the package is available...

7.5CVSS7.9AI score0.50732EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2021-23840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the...

7.5CVSS6.7AI score0.50732EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2024/11/22 12:0 a.m.55 views

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

7.5CVSS7.4AI score0.96275EPSS
Exploits28
OpenVAS
OpenVAS
added 2024/09/18 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-7018-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.96275EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.13 views

Photon OS 3.0: Nxtgn PHSA-2021-3.0-0200

An update of the nxtgn package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0200. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS7.4AI score0.50732EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2023/12/07 12:0 a.m.61 views

edk2 security update

20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

10CVSS7.9AI score0.96275EPSS
Exploits18
Oracle linux
Oracle linux
added 2023/12/07 12:0 a.m.61 views

edk2 security update

20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

10CVSS7.9AI score0.96275EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.24 views

Puppet Agent 6.x < 6.22.1 / 7.x < 7.6.1 Vulnerability

On February 16, 2021, OpenSSL published security updates addressing CVE-2021-23841, CVE-2021-23839, and CVE-2021-23840. Previous releases of Puppet Agent contain a vulnerable version of OpenSSL. For more information about this vulnerability, refer to the OpenSSL security announcement. Note that...

7.5CVSS6.6AI score0.50732EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/07 3:15 p.m.45 views

Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2021-23839, CVE-2021-23840, CVE-2021-23841

Summary There are vulnerabilities CVE-2021-23839, CVE-2021-23840, CVE-2021-23841 which affects IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2021-23839 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by incorrect SSLv2 rollback protection that...

7.5CVSS7.1AI score0.50732EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/05/08 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for shim-signed (EulerOS-SA-2023-1748)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.70561EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/24 2:14 p.m.52 views

Security Bulletin: IBM Safer Payments is vulnerable to multiple OpenSSL vulnerabilities (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Summary IBM Safer Payments uses OpenSSL. These OpenSSL vulnerabilities are addressed in IBM Safer Payments. Vulnerability Details CVEID:CVE-2021-23839 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by incorrect SSLv2 rollback protection that allows for the inversion of t...

7.5CVSS7.1AI score0.50732EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.2 views

SUSE CVE-2021-23840

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

6.5CVSS9.6AI score0.50732EPSS
Exploits0References139
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:0 p.m.52 views

Security Bulletin: IBM Aspera Orchestrator affected by OpenSSL vulnerabilities (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Summary The following vulnerabilities have been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-23839 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by incorrect SSLv2 rollback protection that allows for the inversion of the logic during ...

7.5CVSS7.3AI score0.50732EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/01 4:35 p.m.65 views

Security Bulletin: IBM Security Guardium is affected by OpenSSL denial of service vulnerabilities (CVE-2021-23840, CVE-2021-23841)

Summary IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details CVEID: CVE-2021-23840 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to...

7.5CVSS7.5AI score0.50732EPSS
Exploits0Affected Software1
ICS
ICS
added 2022/05/10 12:0 a.m.49 views

Mitsubishi Electric MELSOFT GT OPC UA

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT GT OPC UA Client Vulnerabilities: Out-of-bounds Read, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

7.5CVSS8.6AI score0.50732EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.50 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2022-0017)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities: - Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is clo...

7.5CVSS6.5AI score0.50732EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 10:23 a.m.50 views

Security Bulletin: IBM InfoSphere Master Data Management Server vulnerability in OpenSSL

Summary The vulnerability in CVE-2021-23839, CVE-2021-23840, CVE-2021-23841 have been addressed in the latest interim Fix iFix available on Fix Central for all 3 affected versions. Vulnerability Details CVEID: CVE-2021-23839 DESCRIPTION: OpenSSL could provide weaker than expected security, caused...

7.5CVSS7AI score0.50732EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/30 4:2 p.m.41 views

Security Bulletin: IBM QRadar Network Security is affected by denial of service vulnerabilities in OpenSSL (CVE-2021-23840, CVE-2021-23841)

Summary IBM QRadar Network Security has addressed vulnerabilities in OpenSSL. The issues could lead to a denial of service. Vulnerability Details CVEID: CVE-2021-23840 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly lo...

7.5CVSS7.5AI score0.50732EPSS
Exploits0Affected Software1
Rows per page
Query Builder