182 matches found
MiracleLinux 7 : openssl-1.0.2k-23.el7 (AXSA:2022-2926:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-2926:01 advisory. openssl: Read buffer overruns processing ASN.1 strings CVE-2021-3712 Tenable has extracted the preceding description block directly from the MiracleLinux...
Ubuntu: Security Advisory (USN-7894-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TencentOS Server 2: openssl (TSSA-2023:0337)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0337 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Azure Linux 3.0 Security Update: edk2 / openssl (CVE-2021-3712)
The version of edk2 / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3712 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a...
Oracle Siebel Server <= 22.10 (April 2023 CPU)
The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the April 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: Siebel Core - Server Infrastructure OpenSSL. Supported versions that are affected...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
CBL Mariner 2.0 Security Update: openssl (CVE-2021-3712)
The version of openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3712 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer...
CVE-2021-3712 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2021-3712 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. A patched version of the package is available...
edk2 security update
20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
edk2 security update
20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
Security Bulletin: IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating OpenSSL
Summary IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating OpenSSL Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation...
BELL-CVE-2021-3712 CVE-2021-3712 does not affect BellSoft software
Bulletin has no description...
Huawei EulerOS: Security Advisory for shim-signed (EulerOS-SA-2023-1748)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K19559038: OpenSSL vulnerability CVE-2021-3712
Security Advisory Description ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which i...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-1281)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2023-1281)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string da...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information disclosure or denial of service in OpenSSL (CVE-2021-3712)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information disclosure or denial of service in OpenSSL, caused by an out-of-bounds read when processing ASN.1 strings CVE-2021-3712. OpenSSL is used as part of the base image included in our service component...
Tenable Nessus Network Monitor < 6.0.0 Multiple Vulnerabilities (TNS-2022-02)
Tenable Nessus Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Synology DiskStation Manager (DSM) 6.2.x, 7.x < 7.0.1-42218 OpenSSL Vulnerabilities (Synology-SA-21:24)
Synology DiskStation Manager DSM is prone to multiple vulnerabilities in OpenSSL. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities
Summary IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details CVEID:CVE-2021-38153 DESCRIPTION: Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of "Arrays.equals" to validate a password or key. By...