Lucene search
K

149 matches found

OSV
OSV
added 2026/03/27 2:3 p.m.6 views

OESA-2026-1731 pyOpenSSL security update

pyOpenSSL is a rather thin wrapper around a subset of the OpenSSL library. With thin wrapper we mean that a lot of the object methods do nothing more than calling a corresponding function in the OpenSSL library. Security Fixes: A security vulnerability exists in the PyOpenSSL library's...

9.8CVSS5.9AI score0.00704EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.17 views

OpenSSL 3.5.0 < 3.5.6 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.5.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.5.6 advisory. - Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group...

9.8CVSS7.9AI score0.00981EPSS
Exploits0References24
CBLMariner
CBLMariner
added 2026/02/24 5:36 p.m.3 views

CVE-2025-69419 affecting package openssl for versions less than 1.1.1k-38

CVE-2025-69419 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...

7.4CVSS6.5AI score0.00444EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/16 9:12 a.m.7 views

Security Bulletin: OpenSSL stack buffer overflow vulnerability affect IBM Cloud Pak System [CVE-2025-15467]

Summary Stack buffer overflow vulnerability in OpenSSL shipped with OS Image for Red Hat Enterprise Linux System affect IBM Cloud Pak System. Stack buffer overflow that can be exploited by a remote attacker to cause a Denial of Service DoS or potentially allow for remote code execution...

9.8CVSS7.3AI score0.47621EPSS
Exploits7Affected Software4
Packet Storm News
Packet Storm News
added 2026/02/06 12:0 a.m.4 views

Zabbix Agent Binaries Path Abuse Scanner

This scanner performs automated static analysis of Zabbix Agent binaries to detect hardcoded OpenSSL configuration paths that may enable provider or engine abuse. It identifies embedded OPENSSLDIR, ENGINESDIR, and MODULESDIR values, extracts OpenSSL version information, and checks for dynamic...

7.3CVSS6.1AI score0.00325EPSS
Exploits2
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/03 12:0 a.m.4 views

Security update for openssl-3 (important)

openSUSE security update: security update for openssl-3 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20152-1 Rating: important References: bsc1256829 bsc1256830 bsc1256831 bsc1256832 bsc1256833 bsc1256834 bsc1256835 bsc1256836 bsc1256837 bsc12568...

9.8CVSS5.7AI score0.47621EPSS
Exploits7References13
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.163 views

📄 Zabbix Agent Binaries 7.4 OpenSSL Path Scanner

This tool performs static analysis on Zabbix Agent binaries to identify hardcoded OpenSSL paths such as OPENSSLDIR, ENGINESDIR, and MODULESDIR. It leverages strings and radare2 to extract embedded configuration paths, OpenSSL version information, and indicators of dynamic engine or module loading...

7.3CVSS5.9AI score0.00325EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/01/29 12:0 a.m.3 views

SUSE SLES15: libopenssl-3-devel / libopenssl-3-devel-32bit / etc (SUSE-SU-2026:0312-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0312-1 advisory. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap...

9.8CVSS7.2AI score0.47621EPSS
Exploits7References25
AlpineLinux
AlpineLinux
added 2026/01/27 4:1 p.m.5 views

CVE-2025-15468

Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...

5.9CVSS5.8AI score0.00748EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 4 : openssl-1.0.1e-58.0.2.AXS4 (AXSA:2021-2478:04)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2478:04 advisory. openssl: integer overflow in CipherUpdate CVE-2021-23840 openssl: NULL pointer dereference in X509issuerandserialhash CVE-2021-23841 Tenable has extracted th...

7.5CVSS7AI score0.50732EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : openssl-3.0.7-25.el9_3 (AXSA:2024-7438:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7438:02 advisory. openssl: Incorrect cipher key and IV length processing CVE-2023-5363 Tenable has extracted the preceding description block directly from the MiracleLinux...

7.5CVSS5.6AI score0.03332EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : openssl-1.1.1k-4.el8 (AXSA:2021-2623:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2623:05 advisory. openssl: integer overflow in CipherUpdate CVE-2021-23840 openssl: NULL pointer dereference in X509issuerandserialhash CVE-2021-23841 Tenable has...

7.5CVSS7.1AI score0.50732EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : openssl-1.1.1c-15.el8 (AXSA:2020-289:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-289:02 advisory. openssl: side-channel weak encryption vulnerability CVE-2019-1547 openssl: information disclosure in fork CVE-2019-1549 openssl: information disclosu...

5.3CVSS8.2AI score0.06232EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.6 views

MiracleLinux 4 : openssl-1.0.1e-42.AXS4.4 (AXSA:2016-119:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-119:02 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

10CVSS8.3AI score0.82112EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 7 : openssl-1.0.1e-60.el7.1 (AXSA:2017-1298:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1298:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

7.5CVSS7AI score0.57595EPSS
Exploits2References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.5 views

Astra Linux – Vulnerability in OpenSSL

Issue Summary: A TLS 1.3 connection that uses certificate compression can be forced to allocate a large buffer before decompression, without checking against the configured certificate size limit. Impact Summary: An attacker can cause per-connection memory allocations of up to approximately 22 Mi...

5.9CVSS6AI score0.00403EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.4 views

EulerOS 2.0 SP10 : libssh (EulerOS-SA-2025-2420)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to sshgetfingerprinthash...

8.8CVSS6.4AI score0.00407EPSS
Exploits0References5
OSV
OSV
added 2025/10/22 12:18 p.m.1 views

SUSE-SU-2025:20896-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: Security issues: - CVE-2025-9230: Fix out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - Disable LTO for userspace livepatching jscPED-13245...

7.5CVSS7.1AI score0.01744EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.8 views

Amazon Linux 2 : openssl11, --advisory ALAS2-2025-3033 (ALAS-2025-3033)

The version of openssl11 installed on the remote host is prior to 1.1.1zd-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3033 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can trigger an...

7.5CVSS6.5AI score0.01744EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/14 12:0 a.m.3 views

SUSE SLED15 / SLES15 Security Update : openssl-3 (SUSE-SU-2025:03546-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03546-1 advisory. - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232. Tenable has extracted the precedi...

7.5CVSS6.5AI score0.01744EPSS
Exploits0References4
Rows per page
Query Builder