CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1568 matches found

AstraLinux•added 2026/06/19 11:10 a.m.•2 views

Astra Linux – Vulnerability in OpenSSL

Issue summary: Calling the OpenSSL API function SSLSelectNextProto with an empty supported client protocols buffer may cause a crash or cause memory contents to be sent to the peer. Impact summary: An overreading of the buffer can have a range of potential consequences, such as unexpected...

9.1CVSS7.2AI score0.05582EPSS

Exploits1References2

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerability in OpenSSL

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems such as OCSP, PKCS7/SMIME, CMS, CMP/CRMF, or TS without a message size limit may...

6.5CVSS6.5AI score0.76451EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in OpenSSL

Issue summary: An invalid or NULL pointer dereference can occur in an application processing a malformed PKCS12 file. This can lead to a Denial of Service attack. Impact summary: An application processing a malformed PKCS12 file may inadvertently dereference an invalid or NULL pointer during memo...

5.5CVSS7.5AI score0.00144EPSS

Exploits1References2

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in openssl1.0

The X.509 GENERALNAME type is a generic type used to represent various types of names. One of these name types is known as EDIPARTYNAME. OpenSSL provides a function called GENERALNAMEcmp, which compares different instances of a GENERALNAME to determine whether they are equal. This function behave...

5.9CVSS6.6AI score0.06968EPSS

Exploits3References2

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in openssl1.0

In situations where an attacker receives automated notifications of the success or failure of a decryption attempt, an attacker can recover the CMS/PKCS7 transport encryption key after sending a very large number of messages to be decrypted. They can also decrypt any RSA-encrypted message encrypt...

4.3CVSS6.6AI score0.03838EPSS

Exploits0References1

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in OpenSSL

A security vulnerability has been identified in all supported versions of OpenSSL, related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use o...

7.5CVSS6.5AI score0.03658EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in OpenSSL

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support SMIME, CMS, and PKCS7 streaming capabilities. However, it can also be called directly by end-user applications. This function receives a BIO from...

7.5CVSS7AI score0.04494EPSS

Exploits0References2

IBM Security Bulletins•added 2026/06/18 5:57 p.m.•26 views

Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability (CVE-2016-8610)

Question Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability CVE-2016-8610 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"Al...

7.5CVSS6.8AI score0.39657EPSS

Exploits1Affected Software1

OSV•added 2026/06/15 8:12 p.m.•49 views

GHSA-537C-GMF6-5CCF Vulnerable OpenSSL included in cryptography wheels

pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in wheels prior to cryptograph 48.01 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20260609.txt. If yo...

7.5CVSS5.3AI score

Exploits0References3

Tenable Nessus•added 2026/06/12 12:0 a.m.•10 views

EulerOS Virtualization 2.13.0 : openssl (EulerOS-SA-2026-2412)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can...

8.1CVSS9AI score0.00885EPSS

Exploits0References5