1572 matches found
PT-2026-35041
Name of the Vulnerable Software and Affected Versions rust-openssl versions 0.9.24 through 0.10.77 Description FFI trampolines behind the functions set psk client callback, set psk server callback, set cookie generate cb, and set stateless cookie generate cb in SslContextBuilder forward the user...
SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:1550-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1550-1 advisory. - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc126167...
K000160933: OpenSSL for Windows vulnerability CVE-2023-4807
Security Advisory Description Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: ...
ROS-20260420-73-0004
A vulnerability in the PKCS12getfriendlyname function of the OpenSSL library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260420-73-0006
A vulnerability in the TSRESPverifyresponse function of the OpenSSL library is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260420-73-0008
A vulnerability in the PKCS12itemdecryptd2iex function of the OpenSSL library is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260420-73-0015
A vulnerability in the PKCS7digestfromattributes function of the OpenSSL library is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Unity Linux 20.1070a Security Update: openssl (UTSA-2026-007292)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007292 advisory. Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code poin...
Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza Appliance
Summary The OpenSSL package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-9230 Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can...
Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza Appliance
Summary The OpenSSL package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-69419 Vulnerability Details CVEID:CVE-2025-69419 DESCRIPTION: Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString...
Amazon Linux 2 : openssl11, --advisory ALAS2-2026-3249 (ALAS-2026-3249)
The version of openssl11 installed on the remote host is prior to 1.1.1zg-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3249 advisory. Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE:...
CVE-2026-31789
A flaw was found in OpenSSL. This vulnerability, a heap buffer overflow, affects 32-bit systems when processing an unusually large X.509 certificate. If an application or service attempts to print or log such a specially crafted certificate, it could lead to a system crash or potentially allow an...
CVE-2026-31789 affecting package openssl for versions less than 3.3.5-5
CVE-2026-31789 affecting package openssl for versions less than 3.3.5-5. A patched version of the package is available...
DEBIAN-CVE-2026-28388
Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...
Exploit for Out-of-bounds Write in Openssl
No d...
OpenSSL 安全漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team, capable of implementing Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure hash...
OpenSSL 安全漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables the implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure has...
OpenSSL 1.1.1 < 1.1.1zg Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.1.1zg. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.1zg advisory. - Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon...
K000160560: OpenSSL vulnerability CVE-2025-69420
Security Advisory Description Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Respons...
K000160558: OpenSSL vulnerability CVE-2025-69419
Security Advisory Description Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write ca...