
65 matches found

OSV
added 2026/03/20 6:19 p.m. | 7 views

CLSA-2026-1773999595 compat-openssl11: Fix of CVE-2025-69419

CVE-2025-69419: Fix heap buffer overflow in PKCS12 Unicode to UTF-8 conversion...

CVSS 7.4 | AI score 6 | EPSS 0.00444
Exploits 1 | References 1
CVE
added 2026/03/19 9:7 p.m. | 19 views

CVE-2026-3229

CVE-2026-3229 describes an integer overflow in wolfSSL’s certificate chain allocation. The heap corruption arises in the static function wolfssl_add_to_chain when certificate data is written beyond the bounds of an insufficiently sized certificate buffer. The issue is triggered via APIs used for ...

CVSS 5.5 | AI score 5.9 | EPSS 0.00064
Exploits 0 | References 1 | Affected Software 1
Positive Technologies
added 2026/03/19 12:0 a.m. | 4 views

PT-2026-26365

Name of the Vulnerable Software and Affected Versions: wolfssl (affected versions not specified). Description: An integer overflow issue was identified in the wolfssl_add_to_chain function, leading to heap corruption when certificate data exceeded the bounds of the certificate buffer. The function is...

CVSS 5.5 | AI score 5.4 | EPSS 0.00064
Exploits 0 | References 9
Tenable Nessus
added 2026/03/18 12:0 a.m. | 2 views

RHEL 9 : compat-openssl11 (RHSA-2026:4824)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:4824 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the...

CVSS 7.4 | AI score 6.3 | EPSS 0.00444
Exploits 1 | References 5
Tenable Nessus
added 2026/03/17 12:0 a.m. | 39 views

RHEL 9 : compat-openssl11 (RHSA-2026:4825)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:4825 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the...

CVSS 7.4 | AI score 6.3 | EPSS 0.00444
Exploits 1 | References 5
Rockylinux
added 2026/03/12 6:3 p.m. | 4 views

compat-openssl11 security update

An update is available for compat-openssl11. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The OpenSSL toolkit provides support for secure communications betwe...

CVSS 7.4 | AI score 6.2 | EPSS 0.00444
Exploits 1
AlmaLinux
added 2026/03/12 12:0 a.m. | 5 views

Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to...

CVSS 7.4 | AI score 7.5 | EPSS 0.00444
Exploits 1 | References 4
Tenable Nessus
added 2025/11/07 12:0 a.m. | 1 views

SUSE SLES15: libqat4 / libqatzip3 / libusdm0 / qatengine / qatlib / qatlib-devel / etc (SUSE-SU-2025:3942-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3942-1 advisory. Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365...

CVSS 8.2 | AI score 6.7 | EPSS 0.00509
Exploits 0 | References 10
Tenable Nessus
added 2025/11/07 12:0 a.m. | 2 views

SUSE SLES15: libqat4 / libqatzip3 / libusdm0 / qatengine / qatlib / qatlib-devel / etc (SUSE-SU-2025:3943-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3943-1 advisory. Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365...

CVSS 8.2 | AI score 6.4 | EPSS 0.00509
Exploits 0 | References 10
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-21938

Malicious code in bioql PyPI...

CVSS 7 | AI score 6.3 | EPSS 0.00387
Exploits 0 | References 1
Tenable Nessus
added 2025/08/12 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-7394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. In the OpenSSL compatibility layer implementation, the function RAND_poll was not behaving as expected and leading to the potential for predictable values return...

CVSS 9.8 | AI score 5.8 | EPSS 0.00387
Exploits 0 | References 3
Cvelist
added 2025/08/07 12:0 a.m. | 24 views

CVE-2025-45765

ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key sizes and those restrictions apply to the users of this gem also."...

EPSS 0.00152
Exploits 0 | References 2
AlpineLinux
added 2025/07/18 10:34 p.m. | 4 views

CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RAND_poll was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...

CVSS 9.8 | AI score 7.4 | EPSS 0.00387
Exploits 0 | References 1
OSV
added 2025/06/25 12:0 a.m. | 4 views

UBUNTU-CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf function responsible for key derivation. Due to inconsistent interpretation of return values (OpenSSL uses 0 to indicate failure and libssh uses 0 for success), the function may mistakenl...

CVSS 8.8 | AI score 6.7 | EPSS 0.00407
Exploits 0 | References 4
OSV
added 2025/06/11 5:41 a.m. | 2 views

SUSE-SU-2025:01879-1 Security update for nodejs22

This update for nodejs22 fixes the following issues: Update to version 22.15.1. Security issues fixed: - CVE-2025-23166: remotely triggerable process crash due to improper error handling in async cryptographic operations bsc1243218. - CVE-2025-23165: memory leak and unbounded memory growth due to...

CVSS 7.5 | AI score 6.2 | EPSS 0.00763
Exploits 0 | References 7
OSV
added 2024/11/18 1:29 p.m. | 9 views

SUSE-SU-2024:4029-1 Security update for SUSE Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Pat...

CVSS 8.8 | AI score 7.8 | EPSS 0.02303
Exploits 3 | References 31
OSV
added 2024/03/30 12:4 a.m. | 7 views

SUSE-SU-2024:1074-1 Security update for qpid-proton

This update for qpid-proton fixes the following issues: - CVE-2019-0223: Fixed TLS Man in the Middle Vulnerability bsc1133158. The following non-security bugs were fixed: - Fix build with OpenSSL 3.0.0 bsc1172267 - Sort linked .o files to make package build reproducible bsc1041090 - Fix build wit...

CVSS 7.4 | AI score 6.7 | EPSS 0.0615
Exploits 0 | References 7
OSV
added 2024/03/20 12:6 p.m. | 7 views

SUSE-SU-2024:0947-1 Security update for python-uamqp

This update for python-uamqp fixes the following issues: - CVE-2024-27099: Fixed potential double-free in linkframereceived bsc1220535. Bug fixes: - Fixed compatibility with OpenSSL 3.x bsc1217782...

CVSS 9.8 | AI score 6.7 | EPSS 0.01418
Exploits 0 | References 4
SUSE CVE
added 2023/02/15 5:43 a.m. | 3 views

SUSE CVE-2012-6093

The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an "incompatible structure layout" that can read memory from the wrong location, which causes Qt to report an incorrect error when certificate validation fai...

CVSS 4.3 | AI score 6.8 | EPSS 0.01778
Exploits 0 | References 4
OSV
added 2022/12/19 12:59 p.m. | 10 views

SUSE-RU-2022:4567-1 Recommended update for python-crcmod, python-cryptography, python-cryptography-vectors

This update for python-crcmod, python-cryptography, python-cryptography-vectors contains the following fixes: python-cryptography: - Update in SLE-15 bsc1177083, jscPM-2730, jscSLE-18312 - Refresh patches for new version Using the Fernet class to symmetrically encrypt multi gigabyte values...

CVSS 9.1 | AI score 9.1 | EPSS 0.06718
Exploits 1 | References 3