Lucene search
K

1572 matches found

AlpineLinux
AlpineLinux
added 2026/01/27 4:1 p.m.4 views

CVE-2026-22795

Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a malformed PKCS12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type...

5.5CVSS5.9AI score0.00144EPSS
Exploits1
Cvelist
Cvelist
added 2026/01/27 4:1 p.m.24 views

CVE-2025-69418 Unauthenticated/unencrypted trailing bytes with low-level OCB function calls

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

0.00115EPSS
Exploits1References6
CVE
CVE
added 2026/01/27 4:1 p.m.75 views

CVE-2025-66199

CVE-2025-66199 affects OpenSSL TLS 1.3 certificate compression. A peer’s CompressedCertificate can cause an unbounded heap buffer growth prior to decompression, enabling per-connection allocations up to ~22 MiB and degraded service or resource exhaustion. Affected: OpenSSL 3.6, 3.5, 3.4 and 3.3 (...

5.9CVSS6AI score0.00403EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/27 3:52 p.m.6 views

CVE-2025-69421

A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service DoS by providing a specially crafted, malformed PKCS12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12itemdecryptd2iex function when...

7.5CVSS5.8AI score0.00844EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/27 3:51 p.m.4 views

CVE-2025-66199

A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service DoS for...

5.9CVSS5.9AI score0.00403EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/27 3:51 p.m.4 views

CVE-2025-15468

A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC Quick UDP Internet Connections protocol. This vulnerability, occurring when the SSLCIPHERfind...

5.9CVSS5.7AI score0.00748EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/27 3:5 p.m.5 views

CVE-2025-15467

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

9.8CVSS6.2AI score0.47621EPSS
Exploits7References3
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.4 views

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables the implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure has...

5.9CVSS6.2AI score0.00748EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-22795

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing...

5.5CVSS6.7AI score0.00144EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-69419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code...

7.4CVSS7.4AI score0.00444EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.4 views

OpenSSL 3.4.0 < 3.4.4 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.4.4. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.4.4 advisory. - Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher sui...

9.8CVSS7.2AI score0.47621EPSS
Exploits7References34
OSV
OSV
added 2026/01/27 12:0 a.m.3 views

UBUNTU-CVE-2025-69419

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

7.4CVSS7.3AI score0.00444EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/21 12:0 a.m.2 views

RHEL 8 : openssl (RHSA-2026:0887)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0887 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

7.5CVSS6.6AI score0.01744EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : edk2-20231122-6.el9 (AXSA:2024-8102:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8102:05 advisory. edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235 EDK2: heap buffer overflow in...

8.8CVSS7.7AI score0.05533EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 9 : mysql-8.0.41-2.el9_5.ML.1 (AXSA:2025-9701:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9701:03 advisory. openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date parser overread...

9.1CVSS7.4AI score0.16212EPSS
Exploits3References50
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : edk2-20210527gite1999b264f1f-3.el8 (AXSA:2021-2801:05)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2801:05 advisory. openssl: integer overflow in CipherUpdate CVE-2021-23840 openssl: NULL pointer dereference in X509issuerandserialhash CVE-2021-23841 Tenable has...

7.5CVSS7.1AI score0.50732EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : openssl-1.1.1k-12.el8_9 (AXSA:2024-7354:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7354:01 advisory. openssl: Excessive time spent checking DH keys and parameters CVE-2023-3446 OpenSSL: Excessive time spent checking DH q parameter value CVE-2023-381...

5.3CVSS6.9AI score0.05533EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : openssl-1.1.1k-6.el8 (AXSA:2022-3132:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3132:04 advisory. openssl: Infinite loop in BNmodsqrt reachable when parsing certificates CVE-2022-0778 Tenable has extracted the preceding description block directly from the...

7.5CVSS7AI score0.70561EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : edk2-20230524-4.el9 (AXSA:2023-6904:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6904:04 advisory. edk2: Function GetEfiGlobalVariable2 return value not checked in DxeImageVerificationHandler CVE-2019-14560 openssl: Possible DoS translating ASN.1...

6.5CVSS7.5AI score0.73461EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : compat-openssl10-1.0.2o-4.el8 (AXSA:2022-3803:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3803:01 advisory. compat-openssl10: Infinite loop in BNmodsqrt reachable when parsing certificates CVE-2022-0778 CVEs: CVE-2022-0778 Tenable has extracted the preceding...

7.5CVSS7.5AI score0.70561EPSS
Exploits2References2
Rows per page
Query Builder