1572 matches found

Positive Technologies
added 2026/04/24 12:0 a.m. | 4 views

PT-2026-35041

Name of the Vulnerable Software and Affected Versions: rust-openssl versions 0.9.24 through 0.10.77. Description: FFI trampolines behind the functions set_psk_client_callback, set_psk_server_callback, set_cookie_generate_cb, and set_stateless_cookie_generate_cb in SslContextBuilder forward the user...

CVSS 9.8 | AI score 5.5 | EPSS 0.00412
Exploits: 0 | References: 8
Tenable Nessus
added 2026/04/23 12:0 a.m. | 7 views

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:1550-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1550-1 advisory. - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc126167...

CVSS 7.5 | AI score 5.8 | EPSS 0.00805
Exploits: 0 | References: 4
F5 Networks
added 2026/04/21 8:22 p.m. | 8 views

K000160933: OpenSSL for Windows vulnerability CVE-2023-4807

Security Advisory Description. Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: ...

CVSS 7.8 | AI score 5.9 | EPSS 0.00862
Exploits: 0
Redos
added 2026/04/20 12:0 a.m. | 6 views

ROS-20260420-73-0004

A vulnerability in the PKCS12_get_friendlyname function of the OpenSSL library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.4 | AI score 7.3 | EPSS 0.00444
Exploits: 1
Redos
added 2026/04/20 12:0 a.m. | 4 views

ROS-20260420-73-0006

A vulnerability in the TS_RESP_verify_response function of the OpenSSL library is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.5 | AI score 7.1 | EPSS 0.00768
Exploits: 1
Redos
added 2026/04/20 12:0 a.m. | 4 views

ROS-20260420-73-0008

A vulnerability in the PKCS12_item_decrypt_d2i_ex function of the OpenSSL library is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.5 | AI score 7.1 | EPSS 0.00844
Exploits: 1
Redos
added 2026/04/20 12:0 a.m. | 5 views

ROS-20260420-73-0015

A vulnerability in the PKCS7_digest_from_attributes function of the OpenSSL library is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 5.3 | AI score 7.1 | EPSS 0.00502
Exploits: 1
Tenable Nessus
added 2026/04/17 12:0 a.m. | 5 views

Unity Linux 20.1070a Security Update: openssl (UTSA-2026-007292)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007292 advisory. Issue summary: Calling PKCS12_get_friendlyname function on a maliciously crafted PKCS12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code poin...

CVSS 7.4 | AI score 7.2 | EPSS 0.00444
Exploits: 1 | References: 4
IBM Security Bulletins
added 2026/04/16 11:32 a.m. | 8 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza Appliance

Summary: The OpenSSL package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE CVE-2025-9230. Vulnerability Details: CVEID: CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can...

CVSS 7.5 | AI score 5.8 | EPSS 0.01744
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2026/04/16 11:6 a.m. | 7 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza Appliance

Summary: The OpenSSL package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE CVE-2025-69419. Vulnerability Details: CVEID: CVE-2025-69419 DESCRIPTION: Issue summary: Calling PKCS12_get_friendlyname function on a maliciously crafted PKCS12 file with a BMPString...

CVSS 7.4 | AI score 6 | EPSS 0.00444
Exploits: 1 | Affected Software: 1
Tenable Nessus
added 2026/04/14 12:0 a.m. | 24 views

Amazon Linux 2 : openssl11, --advisory ALAS2-2026-3249 (ALAS-2026-3249)

The version of openssl11 installed on the remote host is prior to 1.1.1zg-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3249 advisory. Potential use-after-free in DANE client code (CVE-2026-28387). NULL Pointer Dereference When Processing a Delta CRL NOTE:...

CVSS 8.1 | AI score 5.9 | EPSS 0.00885
Exploits: 0 | References: 10
RedhatCVE
added 2026/04/13 5:10 a.m. | 5 views

CVE-2026-31789

A flaw was found in OpenSSL. This vulnerability, a heap buffer overflow, affects 32-bit systems when processing an unusually large X.509 certificate. If an application or service attempts to print or log such a specially crafted certificate, it could lead to a system crash or potentially allow an...

CVSS 9.8 | AI score 6.1 | EPSS 0.00225
Exploits: 0 | References: 3
CBLMariner
added 2026/04/07 10:21 p.m. | 6 views

CVE-2026-31789 affecting package openssl for versions less than 3.3.5-5

CVE-2026-31789 affecting package openssl for versions less than 3.3.5-5. A patched version of the package is available...

CVSS 9.8 | AI score 5.8 | EPSS 0.00225
Exploits: 0
OSV
added 2026/04/07 10:16 p.m. | 3 views

DEBIAN-CVE-2026-28388

Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...

CVSS 7.5 | AI score 6 | EPSS 0.00885
Exploits: 0 | References: 1
GithubExploit
added 2026/04/07 1:40 p.m. | 131 views

Exploit for Out-of-bounds Write in Openssl

No d...

CVSS 8.8 | AI score 7.2 | EPSS 0.47621
Exploits: 7
CNNVD
added 2026/04/07 12:0 a.m. | 6 views

OpenSSL Security Vulnerability

OpenSSL is an open-source encryption library developed by the OpenSSL team, capable of implementing the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure hash...

CVSS 7.5 | AI score 7.3 | EPSS 0.00981
Exploits: 0 | References: 8
CNNVD
added 2026/04/07 12:0 a.m. | 6 views

OpenSSL Security Vulnerability

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables the implementation of the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure has...

CVSS 7.5 | AI score 7.3 | EPSS 0.00885
Exploits: 0 | References: 7
Tenable Nessus
added 2026/04/07 12:0 a.m. | 7 views

OpenSSL 1.1.1 < 1.1.1zg Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.1zg. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.1zg advisory. - Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon...

CVSS 8.1 | AI score 6.3 | EPSS 0.00885
Exploits: 0 | References: 10
F5 Networks
added 2026/03/31 7:50 p.m. | 7 views

K000160560: OpenSSL vulnerability CVE-2025-69420

Security Advisory Description. Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Respons...

CVSS 7.5 | AI score 5.9 | EPSS 0.00768
Exploits: 1
F5 Networks
added 2026/03/31 7:19 p.m. | 6 views

K000160558: OpenSSL vulnerability CVE-2025-69419

Security Advisory Description. Issue summary: Calling PKCS12_get_friendlyname function on a maliciously crafted PKCS12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write ca...

CVSS 7.4 | AI score 6 | EPSS 0.00444
Exploits: 1