EUVD-2026-4768

In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...

EUVD-2025-206379

Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData...

CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

MiracleLinux 4 : openssl-1.0.0-20.AXS4.3 (AXSA:2012-459:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-459:04 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

MiracleLinux 4 : openssl-1.0.0-20.AXS4.5 (AXSA:2012-576:06)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-576:06 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

EulerOS 2.0 SP11 : openssl (EulerOS-SA-2025-2487)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and writ...

OESA-2025-2612 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write.Impact summary:...

OESA-2025-2505 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary:...

OESA-2025-2503 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary:...

OESA-2025-2490 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read an...

OESA-2025-2488 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read an...

Medium: openssl

Issue Overview: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds...

Medium: openssl11

Issue Overview: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds...

EUVD-2012-0907

Malware in sbrugna...

SUSE CVE-2025-9230

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

CVE-2025-9230

CVE-2025-9230 describes an out-of-bounds read (and potential write) when decrypting CMS messages encrypted with password-based (PWRI) encryption in OpenSSL. The issue can cause a crash (Denial of Service) or memory corruption with possible code execution, though exploitability is considered low a...

PT-2025-39986

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 3.5.4, 3.4.3, 3.3.5, 3.2.6, 3.0.18, 1.1.1zd, and 1.0.2zm. Description: OpenSSL contains vulnerabilities due to out-of-bounds read and write issues. Specifically, an out-of-bounds read and write can occur when...

OpenSSL 0.9.8h < 0.9.8o Vulnerability

The version of OpenSSL installed on the remote host is prior to 0.9.8o. It is, therefore, affected by a vulnerability as referenced in the 0.9.8o advisory. - The Cryptographic Message Syntax CMS implementation in crypto/cms/cmsasn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properl...

openssl: Possible DoS translating ASN.1 object identifiers

A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when...

acme-rs (>=0.1.0 <=0.2.0), apkeep (>=0.6.0 <=0.13.0) +23 more potentially affected by CVE-2023-39914 via bcder (>=0.1.0 <=0.6.1)

bcder CARGO version =0.1.0, =0.1.0, =0.6.0, =0.1.0, =0.8.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.1.5, =0.3.0, =0.19.0, =0.20.0 and more Source cves: CVE-2023-39914 Source advisory: OSV:RUSTSEC-2023-0062...