CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23284 matches found

SUSE Linux•added 2026/01/26 4:11 p.m.•7 views

Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.6 released 2026-01-15 jscSLE-18320, bsc1244485: Security fixes: CVE-2025-4674 cmd/go: disable support for multiple vcs in one module bsc1246118. CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of "", "." a...

9.3CVSS7.2AI score0.00765EPSS

Exploits5References102

SUSE Linux•added 2026/01/26 4:10 p.m.•6 views

Security update for go1.25-openssl

9.3CVSS7.2AI score0.00765EPSS

Exploits5References102

OSV•added 2026/01/26 4:10 p.m.•6 views

SUSE-SU-2026:0297-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.6 released 2026-01-15 jscSLE-18320, bsc1244485: Security fixes: - CVE-2025-4674 cmd/go: disable support for multiple vcs in one module bsc1246118. - CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of '', '...

10CVSS6.2AI score0.00765EPSS

Exploits5References51

OSV•added 2026/01/26 2:47 p.m.•4 views

BIT-NODE-MIN-2025-59464

A memory leak in Node.js’s OpenSSL integration occurs when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. When applications call socket.getPeerCertificatetrue, each certificate field leaks memory, allowing remote clients to trigger steady memory growth through...

7.5CVSS5.9AI score0.0023EPSS

Exploits0References2

OSV•added 2026/01/26 2:47 p.m.•5 views

BIT-NODE-2025-59464

7.5CVSS5.9AI score0.0023EPSS

Exploits0References2

SUSE Linux•added 2026/01/26 1:51 p.m.•7 views

Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Update to version 1.24.12 released 2026-01-15 jscSLE-18320, bsc1236217: Security fixes: CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames bsc1251257. CVE-2025-58183: archive/tar: unbounded allocation when parsin...

8.8CVSS6.2AI score0.00765EPSS

Exploits4References84

OSV•added 2026/01/26 1:51 p.m.•6 views

SUSE-SU-2026:0296-1 Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Update to version 1.24.12 released 2026-01-15 jscSLE-18320, bsc1236217: Security fixes: - CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames bsc1251257. - CVE-2025-58183: archive/tar: unbounded allocation when...

10CVSS7.4AI score0.00765EPSS

Exploits4References42

Tenable Nessus•added 2026/01/26 12:0 a.m.•3 views

Alibaba Cloud Linux 3 : 0015: openssl (ALINUX3-SA-2026:0015)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0015 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-9230: Issue summary: An application trying...

7.5CVSS7AI score0.01744EPSS

Exploits0References2

Apache Tomcat•added 2026/01/26 12:0 a.m.•9 views

Fixed in Apache Tomcat 11.0.18

Moderate: Incomplete OCSP verification checks CVE-2026-24734 When using an OCSP responder, Tomcat's FFM integration with OpenSSL did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypassed. Affects: 11.0.0-M1 to 11.0.17 This issue...

7.5CVSS5.4AI score0.00235EPSS

Exploits0Affected Software1

Apache Tomcat•added 2026/01/23 12:0 a.m.•9 views

Fixed in Apache Tomcat 9.0.115

7.5CVSS5.4AI score0.00235EPSS

Exploits0Affected Software1

Tenable Nessus•added 2026/01/22 12:0 a.m.•4 views

Fedora 43 : rpki-client (2026-0d27571013)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0d27571013 advisory. rpki-client 9.7 - The Canonical Cache Representation underwent a breaking change after the adoption of...

5.6AI score

Exploits0References1

Tenable Nessus•added 2026/01/22 12:0 a.m.•7 views

Fedora 42 : rpki-client (2026-d2431d8ac0)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d2431d8ac0 advisory. rpki-client 9.7 - The Canonical Cache Representation underwent a breaking change after the adoption of...

5.6AI score

Exploits0References1

OSV•added 2026/01/21 10:13 a.m.•3 views

RHSA-2026:0887 Red Hat Security Advisory: openssl security update

Bulletin has no description...

5.6CVSS5AI score0.01744EPSS

Exploits0References7

Tenable Nessus•added 2026/01/21 12:0 a.m.•2 views

RHEL 8 : openssl (RHSA-2026:0887)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0887 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

7.5CVSS6.6AI score0.01744EPSS

Exploits0References5

NVD•added 2026/01/20 9:16 p.m.•6 views

CVE-2025-59464

7.5CVSS0.0023EPSS

Exploits0References1

OSV•added 2026/01/20 9:16 p.m.•3 views

CVE-2025-59464

7.5CVSS5.9AI score

Exploits0References1

OSV•added 2026/01/20 9:16 p.m.•4 views

UBUNTU-CVE-2025-59464

7.5CVSS5.8AI score0.0023EPSS

Exploits0References3

CVE•added 2026/01/20 8:41 p.m.•21 views

CVE-2025-59464

CVE-2025-59464 describes a memory leak in Node.js OpenSSL integration during conversion of X.509 certificate fields to UTF-8, occurring when applications call socket.getPeerCertificate(true). Each certificate field leaks memory, enabling steady memory growth over TLS connections and potentially c...

7.5CVSS5.5AI score0.0023EPSS

Exploits0References1Affected Software1