Lucene search
K

47 matches found

OSV
OSV
added 2026/02/02 1:0 p.m.2 views

OPENSUSE-SU-2026:20152-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: Security fixes: - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256829. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-15468: NULL dereference in...

9.8CVSS6.9AI score0.47621EPSS
Exploits7References25
OSV
OSV
added 2026/02/02 12:59 p.m.3 views

SUSE-SU-2026:20223-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: Security fixes: - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256829. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-15468: NULL dereference in...

9.8CVSS6.9AI score0.47621EPSS
Exploits7References26
OSV
OSV
added 2026/01/28 9:37 a.m.7 views

SUSE-SU-2026:0312-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS6.1AI score0.47621EPSS
Exploits7References17
OSV
OSV
added 2026/01/28 9:37 a.m.5 views

SUSE-SU-2026:0311-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS6.1AI score0.47621EPSS
Exploits7References17
SUSE Linux
SUSE Linux
added 2026/01/28 9:36 a.m.7 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level...

9.8CVSS6AI score0.47621EPSS
Exploits7References32
OSV
OSV
added 2026/01/27 4:16 p.m.9 views

ALPINE-CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5CVSS5.8AI score0.00176EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.10 views

ALPINE-CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

8.8CVSS8.8AI score0.47621EPSS
Exploits7References1
AlpineLinux
AlpineLinux
added 2026/01/27 3:59 p.m.5 views

CVE-2025-11187

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

6.1CVSS6.3AI score0.00515EPSS
Exploits1
OSV
OSV
added 2026/01/27 12:0 a.m.2 views

UBUNTU-CVE-2025-66199

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.9CVSS6.8AI score0.00403EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2025/12/17 12:0 a.m.5 views

Security update for openssl-3 (important)

openSUSE security update: security update for openssl-3 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025:20164-1 Rating: important References: bsc1250232 bsc1250233 bsc1250234 Cross-References: CVE-2025-9230 CVE-2025-9231 CVE-2025-9232 CVSS scores:...

7.7CVSS7.2AI score0.02234EPSS
Exploits0References3
OSV
OSV
added 2025/12/15 6:22 p.m.3 views

SUSE-SU-2025:21213-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM bsc1250233 - CVE-2025-9232: Fixed out-of-bounds read in HTTP client noproxy handling...

7.5CVSS6.7AI score0.02234EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.4 views

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2025:03439-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03439-1 advisory. - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Tenable has...

7.5CVSS6.5AI score0.01744EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.3 views

SUSE SLED15: libopenssl-3-devel / libopenssl-3-devel-32bit / etc (SUSE-SU-2025:03442-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03442-1 advisory. - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK...

7.5CVSS6.7AI score0.01744EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/11/05 8:16 a.m.5 views

Security update for qatengine, qatlib

This update for qatengine, qatlib fixes the following issues: Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365 CVE-2024-31074 bsc1233366 CVE-2024-33617 Update to 1.7.0: ipp-crypto name change to cryptography-primitives QATSW G...

8.2CVSS7.2AI score0.00509EPSS
Exploits0References12
OSV
OSV
added 2025/10/20 4:12 p.m.3 views

SUSE-SU-2025:20867-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-9230: Fix out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - Disable LTO for userspace livepatching jscPED-13245...

7.5CVSS6.5AI score0.01744EPSS
Exploits0References3
OSV
OSV
added 2025/10/13 7:2 a.m.2 views

SUSE-SU-2025:03586-1 Security update for openssl-3-livepatches

This update for openssl-3-livepatches fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250410...

7.5CVSS6.9AI score0.01744EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/10/02 12:0 a.m.3 views

SUSE: Security Advisory (SUSE-SU-2025:03439-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.01744EPSS
Exploits0References4
OSV
OSV
added 2025/09/30 2:54 p.m.2 views

SUSE-SU-2025:03442-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232...

7.5CVSS6.7AI score0.01744EPSS
Exploits0References3
OSV
OSV
added 2025/08/14 10:9 a.m.3 views

SUSE-SU-2025:20593-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262...

7.5CVSS6.9AI score0.01118EPSS
Exploits0References3
OSV
OSV
added 2025/07/07 12:58 p.m.4 views

SUSE-SU-2025:02236-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 bsc1240366. - Backport mdless cms signing support jscPED-12895...

5.3CVSS7.1AI score0.00361EPSS
Exploits0References3
Rows per page
Query Builder