Lucene search
K

188 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-20227

Malicious code in bioql PyPI...

8.1CVSS6.3AI score0.0144EPSS
Exploits0References2
Fedora
Fedora
added 2025/09/24 3:53 p.m.8 views

[SECURITY] Fedora 41 Update: libssh-0.11.3-1.fc41

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

4.7CVSS7.2AI score0.00375EPSS
Exploits0
Gitee
Gitee
added 2025/09/06 8:39 p.m.87 views

Crypt-SSLeay

This is a Perl module called Crypt::SSLeay, which provides OpenSSL support for LWP Library for WWW in Perl. The module is used to handle SSL/TLS connections and is part of the LWP distribution. The module has a version of 0.7304 and is maintained by A. Sinan Unur, David Landgren, Joshua Chamas, a...

7.1AI score
Exploits0
OSV
OSV
added 2025/09/05 12:42 p.m.2 views

OESA-2025-2131 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.1CVSS7.3AI score0.0144EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/22 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-5987

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected...

8.1CVSS7.3AI score0.0144EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/19 12:0 a.m.4 views

CBL Mariner 2.0 Security Update: libssh (CVE-2025-5987)

The version of libssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5987 advisory. - A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to...

8.1CVSS7.2AI score0.0144EPSS
Exploits0References2
OSV
OSV
added 2025/07/07 3:15 p.m.6 views

AZL-64794 CVE-2025-5987 affecting package libssh for versions less than 0.10.6-2

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

8.1CVSS6.4AI score0.0144EPSS
Exploits0References1
NVD
NVD
added 2025/07/07 3:15 p.m.11 views

CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

8.1CVSS0.0144EPSS
Exploits0References17
ATTACKERKB
ATTACKERKB
added 2025/07/07 2:24 p.m.3 views

CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

8.1CVSS5.9AI score0.0144EPSS
Exploits0References18Affected Software17
Vulnrichment
Vulnrichment
added 2025/07/07 2:24 p.m.5 views

CVE-2025-5987 Libssh: invalid return code for chacha20 poly1305 with openssl backend

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

8.1CVSS6.2AI score0.0144EPSS
Exploits0References17
Debian CVE
Debian CVE
added 2025/07/07 2:24 p.m.5 views

CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

8.1CVSS6.4AI score0.0144EPSS
Exploits0
OSV
OSV
added 2025/05/30 12:0 a.m.2 views

OPENSUSE-SU-2025:15183-1 libopenssl-3-devel-3.5.0-3.1 on GA media

These are all security issues fixed in the libopenssl-3-devel-3.5.0-3.1 package on the GA media of openSUSE Tumbleweed...

6.5CVSS6.7AI score0.00361EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 4:44 p.m.6 views

CVE-2020-5992

NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges...

7.8CVSS7.4AI score0.00457EPSS
Exploits0References1
Fedora
Fedora
added 2025/04/11 1:53 a.m.9 views

[SECURITY] Fedora 40 Update: openvpn-2.6.14-1.fc40

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

7.5CVSS7.6AI score0.00784EPSS
Exploits0
Fedora
Fedora
added 2025/04/08 1:29 a.m.7 views

[SECURITY] Fedora 41 Update: openvpn-2.6.14-1.fc41

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

7.5CVSS6.9AI score0.00784EPSS
Exploits0
Rockylinux
Rockylinux
added 2025/03/17 8:16 p.m.6 views

haproxy bug fix and enhancement update

An update is available for haproxy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The haproxy packages provide a reliable, high-performance network load balanc...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 3:8 p.m.8 views

CVE-2020-36166

An issue was discovered in Veritas InfoScale 7.x through 7.4.2 on Windows, Storage Foundation through 6.1 on Windows, Storage Foundation HA through 6.1 on Windows, and InfoScale Operations Manager aka VIOM Windows Management Server 7.x through 7.4.2. On start-up, it loads the OpenSSL library from...

9.3CVSS7.5AI score0.00431EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 3:6 p.m.7 views

CVE-2020-36164

An issue was discovered in Veritas Enterprise Vault through 14.0. On start-up, it loads the OpenSSL library. The OpenSSL library then attempts to load the openssl.cnf configuration file which does not exist at the following locations in both the System drive typically C:\ and the product's...

9.3CVSS7.5AI score0.00431EPSS
Exploits0
OSV
OSV
added 2024/12/25 10:9 a.m.5 views

CLSA-2024-1735121358 openssl: Fix of CVE-2024-4603

CVE-2024-4603: Check DSA parameters for excessive sizes before validating...

5.3CVSS6.8AI score0.01131EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/10/10 12:0 a.m.6 views

The vulnerability of the OpenSSL DLL component in the file synchronization and data backup utility Synology Drive Client allows a perpetrator to execute arbitrary code.

The vulnerability of the OpenSSL DLL component in the file synchronization and data backup utility Synology Drive Client is related to manipulation of unknown input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS5.8AI score0.00203EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder