Lucene search
K

15 matches found

Debian
Debian
added 2026/06/09 9:56 a.m.8 views

[SECURITY] [DLA 4624-1] openssl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4624-1 [email protected] https://www.debian.org/lts/security/ Arnaud Rebillout June 09, 2026 https://wiki.debian.org/LTS -...

8.1CVSS7.8AI score0.00885EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.6 views

Debian dla-4624 : libcrypto1.1-udeb - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4624 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4624-1 [email protected]...

8.1CVSS7.8AI score0.00885EPSS
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 8:7 p.m.10 views

Security Bulletin: IBM i is Affected By NULL Pointer Dereference, Use Afer Free, and Out-of-Bounds Write Vulnerabilities in OpenSSL [CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-28387, CVE-2026-31789]

Summary OpenSSL for IBM i is vulnerable to NULL pointer derefences when processing either a delta CRL indicator extension CVE-2026-28388 or CMS EnvelopedData message with KeyAgreeRecipientInfo CVE-2026-28389, CVE-2026-28390, and use after free when using DANE TLSA-based server authentication...

9.8CVSS8.7AI score0.00885EPSS
Exploits0Affected Software5
OSV
OSV
added 2026/04/30 4:45 p.m.12 views

CLSA-2026-1777567502 openssl: Fix of CVE-2026-28387

CVE-2026-28387: fix use-after-free / double-free in danematch by releasing the previously stored dane-mcert with X509free instead of OPENSSLfree; the slot is reference-bumped via X509upref so the matching free is X509free...

8.1CVSS7.3AI score0.00631EPSS
Exploits0References1
OSV
OSV
added 2026/04/25 5:49 a.m.6 views

OESA-2026-2044 openssl security update

Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of...

8.1CVSS6.5AI score0.00885EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.3 views

SUSE SLES15 / openSUSE 15 Security Update : openssl-1_0_0 (SUSE-SU-2026:1291-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1291-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference...

9.8CVSS7.6AI score0.00981EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.24 views

Amazon Linux 2 : openssl11, --advisory ALAS2-2026-3249 (ALAS-2026-3249)

The version of openssl11 installed on the remote host is prior to 1.1.1zg-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3249 advisory. Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE:...

8.1CVSS5.9AI score0.00885EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2026/04/13 12:0 a.m.4 views

Slackware: Security Advisory (SSA:2026-101-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS5.8AI score0.00885EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.7 views

Photon OS 5.0: Openssl PHSA-2026-5.0-0810

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0810. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.7AI score0.00981EPSS
Exploits0References7
OSV
OSV
added 2026/04/09 5:35 p.m.9 views

USN-8155-2 openssl, openssl1.0 vulnerabilities

USN-8155-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for CVE-2026-28387 for openssl in Ubuntu 20.04 LTS. CVE-2026-28388 for openssl and openssl1.0 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS, and CVE-2026-28389 and...

8.1CVSS6AI score0.00885EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2026/04/09 12:0 a.m.6 views

Ubuntu: Security Advisory (USN-8155-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.9AI score0.00981EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/04/08 12:27 p.m.8 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

7.3CVSS6.2AI score0.00981EPSS
Exploits0References20
Ubuntu
Ubuntu
added 2026/04/08 11:57 a.m.8 views

USN-8155-1: OpenSSL vulnerabilities

Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 server. This could result in a less preferred key exchange being used, contrary to expectations. This issue only affected Ubuntu 25.10. CVE-2026-2673 Igor Morgenstern...

9.8CVSS6.2AI score0.00981EPSS
Exploits0
Circl
Circl
added 2026/04/07 11:31 p.m.6 views

CVE-2026-28387

creationtimestamp| type| source ---|---|--- 2026-04-07 23:31:26+00:00| seen| https://bsky.app/profile/omo.bsky.social/post/3miwwr7vxwk2o 2026-04-08 12:10:24+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3miyb6guojc23 2026-04-09 00:01:12+00:00| seen|...

8.1CVSS7.3AI score0.00631EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-28387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may...

8.1CVSS8.2AI score0.00631EPSS
Exploits0References2
Rows per page
Query Builder