CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23283 matches found

Wolfi•added 2026/01/29 7:48 a.m.•5 views

CVE-2025-15467 vulnerabilities

Vulnerabilities for packages: openssl...

8.8CVSS5.9AI score0.45854EPSS

Exploits7

Wolfi•added 2026/01/29 7:48 a.m.•5 views

CVE-2025-11187 vulnerabilities

Vulnerabilities for packages: openssl...

6.1CVSS5.9AI score0.00515EPSS

Exploits1

SUSE Linux•added 2026/01/29 6:5 a.m.•8 views

Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2ie...

6.9CVSS5.9AI score0.00844EPSS

Exploits1References16

OSV•added 2026/01/29 6:4 a.m.•2 views

SUSE-SU-2026:0332-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. - CVE-2025-69421: NULL Pointer Dereference in...

7.5CVSS5.8AI score0.00844EPSS

Exploits1References9

RedHat Linux•added 2026/01/29 12:24 a.m.•4 views

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

A flaw was found in OpenSSL. When processing a specially crafted PKCS12 Personal Information Exchange Syntax Standard file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSLuni2utf8 function, leads to memory corruption by writing data...

7.4CVSS6AI score0.00444EPSS

Exploits1References4

RedHat Linux•added 2026/01/29 12:24 a.m.•13 views

Important: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS7.4AI score0.45854EPSS

Exploits7References3

RedHat Linux•added 2026/01/29 12:24 a.m.•8 views

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

8.8CVSS6.3AI score0.45854EPSS

Exploits7References4

Tenable Nessus•added 2026/01/29 12:0 a.m.•4 views

SUSE SLED15 / SLES15 Security Update : openssl-3 (SUSE-SU-2026:0309-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0309-1 advisory. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap...

8.8CVSS7.2AI score0.45854EPSS

Exploits7References25

Tenable Nessus•added 2026/01/29 12:0 a.m.•4 views

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:0311-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0311-1 advisory. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in...

8.8CVSS7.2AI score0.45854EPSS

Exploits7References25

Tenable Nessus•added 2026/01/29 12:0 a.m.•2 views

RHEL 9 : openssl (RHSA-2026:1519)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1519 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

8.8CVSS7.4AI score0.45854EPSS

Exploits7References6

Oracle linux•added 2026/01/29 12:0 a.m.•16 views

openssl security update

3.5.1-7.0.1fips - Update additional upstream references - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35824276 - Update FIPS module name Orabug: 35824276 3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable...

9.8CVSS5.9AI score0.45854EPSS

Exploits7

Packet Storm•added 2026/01/29 12:0 a.m.•156 views

📄 Zabbix Agent Binaries 7.4 OpenSSL Path Scanner

This tool performs static analysis on Zabbix Agent binaries to identify hardcoded OpenSSL paths such as OPENSSLDIR, ENGINESDIR, and MODULESDIR. It leverages strings and radare2 to extract embedded configuration paths, OpenSSL version information, and indicators of dynamic engine or module loading...

7.3CVSS5.9AI score0.00332EPSS

Exploits2

Tenable Nessus•added 2026/01/29 12:0 a.m.•3 views

SUSE SLES15 / openSUSE 15 Security Update : openssl-3 (SUSE-SU-2026:0312-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0312-1 advisory. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap...

8.8CVSS7.2AI score0.45854EPSS

Exploits7References25

Tenable Nessus•added 2026/01/29 12:0 a.m.•5 views

Oracle Linux 9 : openssl (ELSA-2026-50075)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50075 advisory. - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420...

8.8CVSS7AI score0.45854EPSS

Exploits7References13

Tenable Nessus•added 2026/01/29 12:0 a.m.•5 views

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:0310-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0310-1 advisory. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in...

8.8CVSS7.2AI score0.45854EPSS

Exploits7References25

Tenable Nessus•added 2026/01/29 12:0 a.m.•9 views

Oracle Linux 9 : openssl (ELSA-2026-1473)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1473 advisory. - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420...

8.8CVSS7AI score0.45854EPSS

Exploits7References13

Tenable Nessus•added 2026/01/29 12:0 a.m.•3 views

Oracle Linux 10 : openssl (ELSA-2026-1472)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1472 advisory. - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420...

8.8CVSS7AI score0.45854EPSS

Exploits7References13

Tenable Nessus•added 2026/01/29 12:0 a.m.•15 views

RHEL 9 : openssl (RHSA-2026:1594)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1594 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

8.8CVSS7.4AI score0.45854EPSS

Exploits7References6

Packet Storm•added 2026/01/29 12:0 a.m.•183 views

📄 OpenSSL 3.x ASN.1 AES‑GCM Nonce Stack Corruption

This Metasploit auxiliary module generates a specially crafted CMS file encoded in DER format to test a stack-based buffer overflow vulnerability in OpenSSL's ASN.1 parser related to improper handling of oversized AES-GCM nonce IV values within AES-GCM-Parameters as defined in RFC 5084. The...

9.8CVSS6.3AI score0.45854EPSS

Exploits7