Lucene search
K

23343 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/05/29 7:27 a.m.14 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to openssl-0.10.70.crate CVE-2025-3416

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to openssl-0.10.70.crate CVE-2025-3416. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-3416 DESCRIPTION: A flaw was found in OpenSSL's handling of the properties...

3.7CVSS6.4AI score0.00452EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/29 7:22 a.m.15 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to openssl-0.10.64.crate CVE-2025-24898

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to openssl-0.10.64.crate CVE-2025-24898. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-24898 DESCRIPTION: rust-openssl is a set of OpenSSL bindings for the Rust...

6.3CVSS6.9AI score0.00623EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2025/05/29 2:8 a.m.1 views

SUSE CVE-2025-48057

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...

8.8CVSS6.8AI score0.00414EPSS
Exploits0References5
Wolfi
Wolfi
added 2025/05/28 7:46 p.m.9 views

GHSA-V8QH-5C5W-48PP vulnerabilities

Vulnerabilities for packages: openssl...

7.5AI score
Exploits0
Wolfi
Wolfi
added 2025/05/28 7:45 p.m.15 views

CVE-2025-4575 vulnerabilities

Vulnerabilities for packages: openssl...

6.5CVSS7.1AI score0.00292EPSS
Exploits0
Chainguard
Chainguard
added 2025/05/28 7:15 p.m.3 views

GHSA-V8QH-5C5W-48PP vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2025/05/28 7:15 p.m.13 views

CVE-2025-4575 vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34, openssl...

6.5CVSS6.8AI score0.00292EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/05/28 2:33 p.m.3 views

Security update for go1.23-openssl

This update for go1.23-openssl fixes the following issues: Update to version 1.23.9 bsc1229122: Security fixes: CVE-2024-45336: net/http: sensitive headers incorrectly sent after cross-domain redirect bsc1236046 CVE-2024-45341: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints...

6.5CVSS7.3AI score0.00724EPSS
Exploits2References24
OSV
OSV
added 2025/05/28 2:33 p.m.2 views

SUSE-SU-2025:01731-1 Security update for go1.23-openssl

This update for go1.23-openssl fixes the following issues: Update to version 1.23.9 bsc1229122: Security fixes: - CVE-2024-45336: net/http: sensitive headers incorrectly sent after cross-domain redirect bsc1236046 - CVE-2024-45341: crypto/x509: usage of IPv6 zone IDs can bypass URI name constrain...

9.1CVSS5.9AI score0.00724EPSS
Exploits2References12
NVD
NVD
added 2025/05/27 5:15 p.m.8 views

CVE-2025-48057

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...

9.8CVSS0.00414EPSS
Exploits0References6
OSV
OSV
added 2025/05/27 5:15 p.m.4 views

DEBIAN-CVE-2025-48057

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...

9.8CVSS8.5AI score0.00414EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/27 4:32 p.m.28 views

CVE-2025-48057 Icinga 2 certificate renewal might incorrectly renew an invalid certificate

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...

9.3CVSS0.00414EPSS
Exploits0References6
CVE
CVE
added 2025/05/27 4:32 p.m.83 views

CVE-2025-48057

The CVE-2025-48057 issue affects Icinga 2: when built with OpenSSL older than 1.1.0, the VerifyCertificate() function can incorrectly treat a certificate as valid, enabling an attacker to cause a malicious certificate request to be treated as a renewal of an existing certificate and impersonate t...

9.8CVSS6.7AI score0.00414EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/27 4:32 p.m.8 views

CVE-2025-48057 Icinga 2 certificate renewal might incorrectly renew an invalid certificate

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...

9.3CVSS6.7AI score0.00414EPSS
Exploits0References6
OSV
OSV
added 2025/05/27 4:32 p.m.6 views

CVE-2025-48057 Icinga 2 certificate renewal might incorrectly renew an invalid certificate

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...

9.3CVSS8.5AI score0.00414EPSS
Exploits0References8
F5 Networks
F5 Networks
added 2025/05/27 4:7 p.m.15 views

K000151542: OpenSSL vulnerability CVE-2025-4575

Security Advisory Description Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as truste...

6.5CVSS7.5AI score0.00292EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/05/27 12:0 a.m.4 views

PT-2025-22986

Name of the Vulnerable Software and Affected Versions Icinga 2 versions prior to 2.12.12 Icinga 2 versions prior to 2.13.12 Icinga 2 versions prior to 2.14.6 Description The issue affects Icinga 2, a monitoring system that checks network resource availability and generates performance data. It...

9.8CVSS8.7AI score0.02934EPSS
Exploits1References37
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.24 views

Alibaba Cloud Linux 3 : 0073: compat-openssl10 (ALINUX3-SA-2025:0073)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0073 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-0286: There is a type confusion...

7.4CVSS8AI score0.59501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.5 views

ABB M2M Gateway Information Disclosure in embedded OpenSSL (CVE-2013-0169)

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...

2.6CVSS6.8AI score0.35584EPSS
Exploits1References123
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.4 views

RHEL 9 : python3.12-cryptography (RHSA-2025:7317)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7317 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

6.3CVSS5.4AI score0.00623EPSS
Exploits0References6
Rows per page
Query Builder