1572 matches found
OpenSSL 加密问题漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
EulerOS 2.0 SP11 : openssl (EulerOS-SA-2026-2221)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the require...
RHEL 9 : openssl (RHSA-2026:22312)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22312 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
EulerOS Virtualization 2.10.0 : shim (EulerOS-SA-2026-2063)
According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impac...
EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2026-2058)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...
EulerOS Virtualization 2.12.0 : openssl (EulerOS-SA-2026-2108)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...
RHEL 10 : openssl (RHSA-2026:22314)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22314 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
EulerOS Virtualization 2.13.0 : openssl (EulerOS-SA-2026-2181)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...
RockyLinux 8 : compat-openssl10 (RLSA-2026:22315)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22315 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding descriptio...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
RockyLinux 9 : openssl (RLSA-2026:22312)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22312 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding descriptio...
AlmaLinux 9 : compat-openssl11 (ALSA-2026:22313)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:22313 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding description...
AlmaLinux 10 : openssl (ALSA-2026:22314)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22314 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding descriptio...
AlmaLinux 9 : openssl (ALSA-2026:22312)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22312 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding description...
EUVD-2022-55995
Tychon includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory that may be controllable by an unprivileged user on Windows. Tychon contains a privileged service that uses this OpenSSL component. A user who can place a specially-crafted openssl.cnf file at an...
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
Security Bulletin: IBM Edge Data Collector uses openssl-0.10.76.crate which is vulnerable to CVE-2026-41898
Summary IBM Edge Data Collector Component uses openssl-0.10.76.crate which is vulnerable to CVE-2026-41898. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41898 DESCRIPTION: rust-openssl provides OpenSSL bindings for the Rust programming...
RockyLinux 9 : openssl (RLSA-2026:19218)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19218 advisory. openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-31790 Tenable has extracted the preceding description bloc...
Astra Linux - уязвимость в openssl1.0
Calls to the EVPCipherUpdate, EVPEncryptUpdate, and EVPDecryptUpdate functions may cause the output length argument to overflow in some cases where the input length is close to the maximum permissible length for integers on the platform. In such cases, the return value from the function call will...
Moderate: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...