23341 matches found

OSV
added 2025/06/30 8:26 a.m. | 4 views

CLSA-2025-1751271968 openssl: Fix of CVE-2019-1563

CVE-2019-1563: fix information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey...

4.3 CVSS | 6.7 AI score | 0.03838 EPSS
Exploits 0 | References 1
SUSE Linux
added 2025/06/30 7:14 a.m. | 3 views

Security update for himmelblau

This update for himmelblau fixes the following issues: CVE-2025-5791: Fixed using deprecated users crate (bsc#1244202); CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242648); Update to version 0.7.17+git.0.1ebdab0; Update sccache-action version to use new...

8.4 CVSS | 7.3 AI score | 0.00452 EPSS
Exploits 0 | References 8
OpenVAS
added 2025/06/30 12:0 a.m. | 3 views

SUSE: Security Advisory (SUSE-SU-2025:02120-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.6 AI score | 0.0056 EPSS
Exploits 0 | References 7
Positive Technologies
added 2025/06/29 12:0 a.m. | 5 views

PT-2025-39425

Name of the Vulnerable Software and Affected Versions: glib-networking (affected versions not specified). Description: The OpenSSL backend in glib-networking does not correctly validate the return value from the BIO write function call, which can lead to an out-of-bounds read. Recommendations: At the...

4.8 CVSS | 5.8 AI score | 0.00288 EPSS
Exploits 0 | References 20
OSV
added 2025/06/27 1:16 p.m. | 3 views

OESA-2025-1673 perl-Crypt-OpenSSL-RSA security update

encoding and decoding according to using the openSSL libraries Security Fixes: A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an...

5.9 CVSS | 6.8 AI score | 0.00516 EPSS
Exploits 0 | References 2
Fedora
added 2025/06/27 1:59 a.m. | 6 views

[SECURITY] Fedora 41 Update: perl-Crypt-OpenSSL-RSA-0.35-1.fc41

Crypt::OpenSSL::RSA - RSA encoding and decoding, using the openSSL libraries...

5.9 CVSS | 7.4 AI score | 0.00516 EPSS
Exploits 0
Fedora
added 2025/06/27 1:22 a.m. | 9 views

[SECURITY] Fedora 42 Update: perl-Crypt-OpenSSL-RSA-0.35-1.fc42

Crypt::OpenSSL::RSA - RSA encoding and decoding, using the openSSL libraries...

5.9 CVSS | 7.4 AI score | 0.00516 EPSS
Exploits 0
Tenable Nessus
added 2025/06/27 12:0 a.m. | 4 views

SUSE SLES12 Security Update : perl-Crypt-OpenSSL-RSA (SUSE-SU-2025:01887-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:01887-1 advisory. - CVE-2024-2467: Side-channel attack in PKCS1 v1.5 padding mode (Marvin Attack) (bsc#1221446). Tenable has extracted the preceding description block directl...

5.9 CVSS | 5.9 AI score | 0.00516 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2025/06/27 12:0 a.m. | 5 views

Fedora 41 : perl-Crypt-OpenSSL-RSA (2025-043b7fdbaf)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-043b7fdbaf advisory. Update to 0.35, fixes CVE-2024-2467 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

5.9 CVSS | 6 AI score | 0.00516 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2025/06/27 12:0 a.m. | 3 views

SUSE SLED15: libekmfweb1 / libekmfweb1-devel / libkmipclient1 / osasnmpd / etc (SUSE-SU-2025:02017-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02017-1 advisory. Security issues fixed: - CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate...

3.7 CVSS | 5.8 AI score | 0.00452 EPSS
Exploits 0 | References 4
OpenVAS
added 2025/06/27 12:0 a.m. | 4 views

Fedora: Security Advisory (FEDORA-2025-52b352c9cd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9 CVSS | 5.7 AI score | 0.00516 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2025/06/27 12:0 a.m. | 4 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : perl-Crypt-OpenSSL-RSA (SUSE-SU-2025:01884-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:01884-1 advisory. - CVE-2024-2467: Side-channel attack in PKCS1 v1.5 padding mode (Marvin Attack) (bsc#1221446). Tenable has...

5.9 CVSS | 6 AI score | 0.00516 EPSS
Exploits 0 | References 4
SUSE Linux
added 2025/06/26 8:22 a.m. | 4 views

Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Update to version 1.24.4 (bsc#1236217): CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation (bsc#1244158); CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows (bsc#1244157); CVE-2025-4673 net/http:...

8.9 CVSS | 7.2 AI score | 0.0056 EPSS
Exploits 0 | References 16
Tenable Nessus
added 2025/06/26 12:0 a.m. | 8 views

SUSE SLES15: libpython3_11-1_0 / python311 / python311-base / python311-curses / etc (SUSE-SU-2025:02049-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02049-1 advisory. python311 was updated from version 3.11.10 to 3.11.13: - Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling...

9.4 CVSS | 6.7 AI score | 0.01184 EPSS
Exploits 14 | References 17
Tenable Nessus
added 2025/06/26 12:0 a.m. | 5 views

Fedora 42 : perl-Crypt-OpenSSL-RSA (2025-52b352c9cd)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-52b352c9cd advisory. Update to 0.35, fixes CVE-2024-2467 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

5.9 CVSS | 6 AI score | 0.00516 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2025/06/26 12:0 a.m. | 5 views

SUSE SLED15: libopenssl-3-devel / libopenssl-3-fips-provider / etc (SUSE-SU-2025:02042-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02042-1 advisory. - CVE-2025-27587: timing side-channel vulnerability in the P-384 implementation when used with ECDSA...

6.3 CVSS | 7 AI score | 0.02357 EPSS
Exploits 0 | References 10
RedHat Linux
added 2025/06/25 12:21 a.m. | 4 views

wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL

A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability...

7.5 CVSS | 5.7 AI score | 0.02157 EPSS
Exploits 0 | References 4
OSV
added 2025/06/25 12:0 a.m. | 3 views

UBUNTU-CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8 CVSS | 6.7 AI score | 0.00407 EPSS
Exploits 0 | References 4
Snyk
added 2025/06/24 12:0 a.m. | 2 views

Double Free

Overview: Affected versions of this package are vulnerable to Double Free via the pkikeytoblob function when built with OpenSSL versions older than 3.0. The issue can lead to heap corruption or application instability during error handling in low-memory environments. Workaround: This vulnerability...

6.5 CVSS | 7.1 AI score | 0.00494 EPSS
Exploits 0 | References 2
Snyk
added 2025/06/24 12:0 a.m. | 3 views

Use of a Broken or Risky Cryptographic Algorithm

Overview: Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the sshkdf function when built with OpenSSL versions older than 3.0. An attacker can compromise the confidentiality, integrity, and availability of SSH sessions by triggering...

8.8 CVSS | 7 AI score | 0.00407 EPSS
Exploits 0 | References 2