Lucene search
K

4100 matches found

NVD
NVD
added 2026/06/09 5:17 p.m.7 views

CVE-2026-42765

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...

7.5CVSS0.00419EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 5:17 p.m.8 views

CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

7.5CVSS0.00684EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.14 views

CVE-2026-45447 Heap Use-After-Free in the PKCS7_verify() Function

Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS7 or S/MIME signed...

5.9AI score0.02719EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.9 views

CVE-2026-42770 FFC-DH Peer Validation Uses Attacker-Supplied q

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

5.4AI score0.00259EPSS
Exploits0References6
CVE
CVE
added 2026/06/09 4:3 p.m.55 views

CVE-2026-42770

CVE-2026-42770 affects OpenSSL FIPS modules (4.0, 3.6, 3.5, 3.4, 3.0) and related deployments using EVP_PKEY_derive_set_peer() with DHX/X9.42 keys. The vulnerability arises when the subgroup check Y^q ≡ 1 (mod p) uses the peer’s q instead of the local key’s q, allowing a malicious X9.42 peer to c...

3.7CVSS5.4AI score0.00259EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/09 4:3 p.m.32 views

CVE-2026-42764 NULL Pointer Dereference in QUIC Server Initial Packet Handling

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

0.00684EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.10 views

CVE-2026-34183

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

7.5CVSS5.5AI score0.00511EPSS
Exploits0
CVE
CVE
added 2026/06/09 4:3 p.m.56 views

CVE-2026-34181

The CVE-2026-34181 issue affects PKCS#12 file processing in OpenSSL where insufficient input validation for PBMAC1 allows forging certificates and private keys. An attacker impersonating a user could cause a service that reads PKCS#12 files to accept forged certificates and keys with about a 1 in...

7.4CVSS5.6AI score0.00196EPSS
Exploits0References5Affected Software1
Chainguard
Chainguard
added 2026/06/09 1:18 p.m.8 views

GHSA-HV4R-MVR4-25VW vulnerabilities

Vulnerabilities for packages: minio, minio-fips...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/09 1:18 p.m.8 views

GHSA-H749-FXX7-PWPG vulnerabilities

Vulnerabilities for packages: minio, minio-fips...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/09 1:18 p.m.8 views

CVE-2026-41145 vulnerabilities

Vulnerabilities for packages: minio, minio-fips...

8.8CVSS5.8AI score0.00349EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/09 1:18 p.m.10 views

CVE-2026-39414 vulnerabilities

Vulnerabilities for packages: minio, minio-fips...

7.1CVSS5.8AI score0.00485EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/09 1:17 p.m.12 views

CVE-2026-45536 vulnerabilities

Vulnerabilities for packages: trino, s3proxy-fips, apache-hop, neo4j, thingsboard, grpc-java-fips, spark, infinispan, localstack, cassandra, pinot, spark-kubernetes-operator-fips, zookeeper, hono, strimzi-kafka-operator, airbyte-server-fips, apache-pulsar-fips, zookeeper-fips, apache-nifi,...

4CVSS5.8AI score0.00136EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/09 1:17 p.m.7 views

GHSA-W573-9FFJ-6FF9 vulnerabilities

Vulnerabilities for packages: trino, s3proxy-fips, apache-hop, neo4j, thingsboard, grpc-java-fips, spark, infinispan, localstack, cassandra, pinot, spark-kubernetes-operator-fips, zookeeper, hono, strimzi-kafka-operator, airbyte-server-fips, apache-pulsar-fips, zookeeper-fips, apache-nifi,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/09 7:18 a.m.23 views

GHSA-3QP7-7MW8-WX86 vulnerabilities

Vulnerabilities for packages: trino, commercial-elasticsearch, s3proxy-fips, apache-hop, ghidra, neo4j, opensearch, thingsboard, grpc-java-fips, elasticsearch, spark, infinispan, knative-kafka-broker, localstack, akhq, cassandra, pinot, selenium, logstash, hono, spark-kubernetes-operator-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/09 7:18 a.m.11 views

CVE-2026-45416 vulnerabilities

Vulnerabilities for packages: trino, commercial-elasticsearch, s3proxy-fips, apache-hop, ghidra, neo4j, opensearch, thingsboard, grpc-java-fips, elasticsearch, spark, infinispan, knative-kafka-broker, localstack, akhq, cassandra, pinot, selenium, logstash, hono, spark-kubernetes-operator-fips,...

7.5CVSS5.8AI score0.00461EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/09 7:18 a.m.7 views

GHSA-X4GW-5CX5-PGMH vulnerabilities

Vulnerabilities for packages: trino, commercial-elasticsearch, s3proxy-fips, apache-hop, ghidra, neo4j, opensearch, thingsboard, grpc-java-fips, elasticsearch, spark, infinispan, knative-kafka-broker, localstack, akhq, cassandra, pinot, selenium, logstash, hono, spark-kubernetes-operator-fips,...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/09 7:18 a.m.25 views

CVE-2026-44249 vulnerabilities

Vulnerabilities for packages: trino, commercial-elasticsearch, s3proxy-fips, apache-hop, ghidra, neo4j, opensearch, thingsboard, grpc-java-fips, elasticsearch, spark, infinispan, knative-kafka-broker, localstack, akhq, cassandra, pinot, selenium, logstash, hono, spark-kubernetes-operator-fips,...

8.1CVSS5.8AI score0.00552EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/09 7:18 a.m.7 views

GHSA-QP9X-WP8F-QGJJ vulnerabilities

Vulnerabilities for packages: datadog-agent, datadog-agent-fips...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/06/09 7:17 a.m.7 views

GHSA-6GHJ-FRRJ-JJJ3 vulnerabilities

Vulnerabilities for packages: trino, seata, apache-hop, apache-hop-fips, management-api-for-apache-cassandra-4.1, pinot-fips, thingsboard, celeborn, tez, management-api-for-apache-cassandra-5.0, management-api-for-apache-cassandra-4.0, pinot...

5.8AI score
Exploits0
Rows per page
Query Builder