Lucene search
K

15 matches found

SUSE Linux
SUSE Linux
added 2026/06/15 3:5 p.m.5 views

Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL...

8.2CVSS8.1AI score0.02719EPSS
Exploits0References30
SUSE Linux
SUSE Linux
added 2026/06/15 2:34 p.m.6 views

Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL...

8.2CVSS8.1AI score0.02719EPSS
Exploits0References30
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.6 views

Debian dla-4624 : libcrypto1.1-udeb - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4624 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4624-1 [email protected]...

8.1CVSS7.8AI score0.00885EPSS
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 8:7 p.m.10 views

Security Bulletin: IBM i is Affected By NULL Pointer Dereference, Use Afer Free, and Out-of-Bounds Write Vulnerabilities in OpenSSL [CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-28387, CVE-2026-31789]

Summary OpenSSL for IBM i is vulnerable to NULL pointer derefences when processing either a delta CRL indicator extension CVE-2026-28388 or CMS EnvelopedData message with KeyAgreeRecipientInfo CVE-2026-28389, CVE-2026-28390, and use after free when using DANE TLSA-based server authentication...

9.8CVSS8.7AI score0.00885EPSS
Exploits0Affected Software5
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.3 views

SUSE SLES15 / openSUSE 15 Security Update : openssl-1_0_0 (SUSE-SU-2026:1291-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1291-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference...

9.8CVSS7.6AI score0.00981EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.24 views

Amazon Linux 2 : openssl11, --advisory ALAS2-2026-3249 (ALAS-2026-3249)

The version of openssl11 installed on the remote host is prior to 1.1.1zg-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3249 advisory. Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE:...

8.1CVSS5.9AI score0.00885EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2026/04/13 12:0 a.m.4 views

Slackware: Security Advisory (SSA:2026-101-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS5.8AI score0.00885EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.7 views

Photon OS 5.0: Openssl PHSA-2026-5.0-0810

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0810. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.7AI score0.00981EPSS
Exploits0References7
OSV
OSV
added 2026/04/09 5:35 p.m.9 views

USN-8155-2 openssl, openssl1.0 vulnerabilities

USN-8155-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for CVE-2026-28387 for openssl in Ubuntu 20.04 LTS. CVE-2026-28388 for openssl and openssl1.0 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS, and CVE-2026-28389 and...

8.1CVSS6AI score0.00885EPSS
Exploits0References5
OSV
OSV
added 2026/04/09 1:49 a.m.5 views

BELL-CVE-2026-28389

Bulletin has no description...

7.5CVSS5.7AI score0.00805EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2026/04/09 12:0 a.m.6 views

Ubuntu: Security Advisory (USN-8155-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.9AI score0.00981EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/04/08 12:27 p.m.8 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

7.3CVSS6.2AI score0.00981EPSS
Exploits0References20
Ubuntu
Ubuntu
added 2026/04/08 11:57 a.m.8 views

USN-8155-1: OpenSSL vulnerabilities

Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 server. This could result in a less preferred key exchange being used, contrary to expectations. This issue only affected Ubuntu 25.10. CVE-2026-2673 Igor Morgenstern...

9.8CVSS6.2AI score0.00981EPSS
Exploits0
Circl
Circl
added 2026/04/07 11:31 p.m.4 views

CVE-2026-28389

creationtimestamp| type| source ---|---|--- 2026-04-07 23:31:27+00:00| seen| https://bsky.app/profile/omo.bsky.social/post/3miwwr7vxwk2o 2026-04-08 12:10:24+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3miyb6guojc23 2026-04-09 00:01:14+00:00| seen|...

7.5CVSS7.3AI score0.00805EPSS
Exploits0References6
CVE
CVE
added 2026/04/07 10:0 p.m.31 views

CVE-2026-28389

CVE-2026-28389 describes a NULL pointer dereference in OpenSSL when processing CMS EnvelopedData with KeyAgreeRecipientInfo. If the optional parameters field of KeyEncryptionAlgorithmIdentifier is missing, a NULL dereference can occur, potentially causing DoS via crash during CMS_decrypt() on unt...

7.5CVSS6AI score0.00805EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder