23343 matches found

RedhatCVE
added 2025/05/23 6:32 a.m. | 4 views

CVE-2024-33617

Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access...

CVSS 8.2 | AI score 6.5 | EPSS 0.00449
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 6:32 a.m. | 4 views

CVE-2024-31074

Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access...

CVSS 8.2 | AI score 6.5 | EPSS 0.00509
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 5:6 a.m. | 7 views

CVE-2023-49210

The openssl aka node-openssl NPM package through 2.0.0 was characterized as "a nonsense wrapper with no real purpose" by its author, and accepts an opts argument that contains a verb field used for command execution. NOTE: This vulnerability only affects products that are no longer supported by t...

CVSS 9.8 | AI score 7 | EPSS 0.01909
Exploits: 1
RedhatCVE
added 2025/05/23 5:0 a.m. | 7 views

CVE-2023-51787

An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread that uses OpenSSL exits, limited per-task memory is not freed, resulting in a memory leak...

CVSS 7.5 | AI score 6.9 | EPSS 0.00487
Exploits: 0
RedhatCVE
added 2025/05/23 4:18 a.m. | 12 views

CVE-2023-41840

An untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to perform a DLL Hijack attack via a malicious OpenSSL engine library in the search path...

CVSS 7.8 | AI score 6.6 | EPSS 0.00309
Exploits: 0
RedhatCVE
added 2025/05/23 3:35 a.m. | 9 views

CVE-2023-28133

Local privilege escalation in Check Point Endpoint Security Client version E87.30 via crafted OpenSSL configuration file...

CVSS 7.8 | AI score 7.2 | EPSS 0.05701
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 1:25 a.m. | 7 views

CVE-2022-25219

A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP...

CVSS 9.3 | AI score 6.7 | EPSS 0.00978
Exploits: 2 | References: 1
RedhatCVE
added 2025/05/23 1:16 a.m. | 5 views

CVE-2022-29242

GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1...

CVSS 7.5 | AI score 7 | EPSS 0.01563
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 1:1 a.m. | 10 views

CVE-2022-31085

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the session files include the LDAP user name and password in clear text if the PHP OpenSSL extension is not installed or encryption is disabled by...

CVSS 6.1 | AI score 6.7 | EPSS 0.00257
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 12:42 a.m. | 6 views

CVE-2022-32223

Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms. This vulnerability can be exploited if the victim has the following dependencies on a Windows machine: OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf”...

CVSS 7.3 | AI score 6.7 | EPSS 0.01596
Exploits: 1 | References: 1
OpenVAS
added 2025/05/23 12:0 a.m. | 16 views

OpenSSL x509 Vulnerability (20250522) - Linux

OpenSSL is prone to a vulnerability in the x509 application. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...

CVSS 6.5 | AI score 6.2 | EPSS 0.00292
Exploits: 0 | References: 2
OpenVAS
added 2025/05/23 12:0 a.m. | 17 views

OpenSSL x509 Vulnerability (20250522) - Windows

OpenSSL is prone to a vulnerability in the x509 application. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...

CVSS 6.5 | AI score 6.2 | EPSS 0.00292
Exploits: 0 | References: 2
Tenable Nessus
added 2025/05/23 12:0 a.m. | 14 views

FreeBSD : OpenSSL -- Inverted security logic in x509 app (5baa64d6-37ee-11f0-a116-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5baa64d6-37ee-11f0-a116-8447094a420f advisory. The OpenSSL project reports: The x509 application adds trusted use instead of rejected use low Tenable...

CVSS 6.5 | AI score 7.3 | EPSS 0.00292
Exploits: 0 | References: 3
FreeBSD
added 2025/05/23 12:0 a.m. | 12 views

OpenSSL -- Inverted security logic in x509 app

The OpenSSL project reports: The x509 application adds trusted use instead of rejected use low...

CVSS 6.5 | AI score 6.9 | EPSS 0.00292
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 10:56 p.m. | 6 views

CVE-2022-32253

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.1. Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker...

CVSS 7.5 | AI score 6.8 | EPSS 0.00571
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 10:46 p.m. | 7 views

CVE-2022-29505

Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation...

CVSS 7.8 | AI score 7.2 | EPSS 0.00481
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 10:40 p.m. | 11 views

CVE-2022-28198

NVIDIA Omniverse Nucleus and Cache contain a vulnerability in its configuration of OpenSSL, where an attacker with physical access to the system can cause arbitrary code execution which can impact confidentiality, integrity, and availability...

CVSS 6.8 | AI score 7.5 | EPSS 0.0026
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 9:37 p.m. | 8 views

CVE-2021-25698

The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory...

CVSS 7.8 | AI score 6.8 | EPSS 0.00406
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 9:36 p.m. | 7 views

CVE-2021-25699

The OpenSSL component of the Teradici PCoIP Software Client prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory...

CVSS 7.8 | AI score 6.8 | EPSS 0.00406
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 9:19 p.m. | 9 views

CVE-2021-32489

An issue was discovered in the sendsecuremsg function of Yubico yubihsm-shell through 2.0.3. The function does not correctly validate the embedded length field of an authenticated message received from the device because responsemsg.st.len=8 can be accepted but triggers an integer overflow, which...

CVSS 4.4 | AI score 6.8 | EPSS 0.00922
Exploits: 1 | References: 1