CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23284 matches found

RedHat Linux•added 2026/01/08 12:53 p.m.•1 views

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS6.6AI score0.01744EPSS

Exploits0References2

Snyk•added 2026/01/08 10:45 a.m.•4 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the handling of TLS transfers when reusing easy or multi handles and modifying the CURLSSLOPTNOPARTIALCHAIN option. An attacker can cause the application to accept an unintended trust chain by exploiti...

6.8CVSS5.8AI score0.00679EPSS

Exploits0References2

Debian CVE•added 2026/01/08 10:7 a.m.•4 views

CVE-2025-14819

When doing TLS related transfers with reused easy or multi handles and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcur...

5.3CVSS6.8AI score0.00679EPSS

Exploits0

Vulnrichment•added 2026/01/08 10:7 a.m.•4 views

CVE-2025-14819 OpenSSL partial chain store policy bypass

6.2AI score0.00679EPSS

Exploits0References2

Cvelist•added 2026/01/08 10:7 a.m.•27 views

CVE-2025-14819 OpenSSL partial chain store policy bypass

0.00679EPSS

Exploits0References2

Oracle linux•added 2026/01/08 12:0 a.m.•10 views

openssl security update

1:1.1.1k-14 - Backport fix for Out-of-bounds read & write in RFC 3211 KEK Unwrap Fix CVE-2025-9230 Resolves: RHEL-128613 - Fix bug for ticketlifetimehint exceed issue Resolves: RHEL-119891...

7.5CVSS7.1AI score0.01744EPSS

Exploits0

Tenable Nessus•added 2026/01/08 12:0 a.m.•2 views

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2026:0052-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0052-1 advisory. - CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. - CVE-2025-14819: libssh global...

5.3CVSS6.7AI score0.00679EPSS

Exploits3References13

Tenable Nessus•added 2026/01/08 12:0 a.m.•2 views

openSUSE 15: curl / libcurl-devel / libcurl-devel-32bit / libcurl4 / etc (SUSE-SU-2026:0050-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0050-1 advisory. - CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. - CVE-2025-14819: libssh global knownhost override bsc1255732. -...

5.3CVSS6.6AI score0.00679EPSS

Exploits3References13

AlmaLinux•added 2026/01/08 12:0 a.m.•5 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 For more details about the securi...

7.5CVSS5.5AI score0.01744EPSS

Exploits0References4

OSV•added 2026/01/08 12:0 a.m.•4 views

ALSA-2026:0337 Moderate: openssl security update

7.5CVSS6.4AI score0.01744EPSS

Exploits0References4

Slackware Linux•added 2026/01/07 11:8 p.m.•11 views

[slackware-security] curl

New curl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.17.0-i586-1slack15.0.txz: Upgraded. This update fixes security issues: OpenSSL partial chain store policy bypass. bearer token le...

5.9CVSS6.8AI score0.00679EPSS

Exploits1

OSV•added 2026/01/07 9:28 a.m.•3 views

SUSE-SU-2026:0052-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. - CVE-2025-14819: libssh global knownhost override bsc1255732. - CVE-2025-15079: libssh key passphrase bypass without agent set bsc1255733. - CVE-2025-15224: OpenSSL partial...

5.3CVSS5.8AI score0.00679EPSS

Exploits3References9

SUSE Linux•added 2026/01/07 9:28 a.m.•3 views

Security update for curl

This update for curl fixes the following issues: CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. CVE-2025-14819: libssh global knownhost override bsc1255732. CVE-2025-15079: libssh key passphrase bypass without agent set bsc1255733. CVE-2025-15224: OpenSSL partial chain...

6CVSS6.9AI score0.00679EPSS

Exploits3References16

OSV•added 2026/01/07 9:28 a.m.•4 views

SUSE-SU-2026:0051-1 Security update for curl

5.3CVSS6.1AI score0.00679EPSS

Exploits3References9

OSV•added 2026/01/07 9:28 a.m.•1 views

SUSE-SU-2026:0050-1 Security update for curl

5.3CVSS5.8AI score0.00679EPSS

Exploits3References9

SUSE Linux•added 2026/01/07 9:28 a.m.•5 views

Security update for curl

6CVSS6.9AI score0.00679EPSS

Exploits3References16

RedhatCVE•added 2026/01/07 9:24 a.m.•11 views

CVE-2006-3419

Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes RANDpseudobytes instead of cryptographically strong RANDbytes, and seeds the entropy value at start-up with 160-bit chunks without reseeding, which makes it easier for attackers to conduct brute force guessing attacks...

5CVSS6.8AI score0.01625EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:9 a.m.•7 views

CVE-2024-2658

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 11.19.6.0 allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted...

8.5CVSS6.7AI score0.00406EPSS

Exploits0References1