Lucene search
K

23343 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:45 p.m.10 views

CVE-2021-32592

An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x and FortiClientEMS 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x may allow an attacker to perform a DLL Hijack attack on affected devices via a malicious OpenSSL engine library in the search path...

7.8CVSS6.7AI score0.00243EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:39 p.m.6 views

CVE-2021-3613

OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...

7.8CVSS7.2AI score0.00568EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 p.m.8 views

CVE-2020-9432

opensslx509checkhost in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values...

9.1CVSS7AI score0.00822EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 p.m.7 views

CVE-2020-9433

opensslx509checkemail in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values...

9.1CVSS7AI score0.00822EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 p.m.9 views

CVE-2020-9434

opensslx509checkipasc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values...

9.1CVSS7AI score0.00822EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:44 p.m.6 views

CVE-2020-5992

NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges...

7.8CVSS7.4AI score0.00457EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:10 p.m.9 views

CVE-2020-11634

The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused due to the configuration of OpenSSL. A local adversary may be able to execute arbitrary code in the SYSTEM context...

7.8CVSS7.6AI score0.00465EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/05/22 4:4 p.m.1 views

Security update for python-cryptography

This update for python-cryptography fixes the following issues: CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch when Some... value passed as properties argument to either function bsc1242631. Patch Instructions: To install this SUSE update use the SUSE recommended installati...

6.3CVSS4.6AI score0.00452EPSS
Exploits0References4
OSV
OSV
added 2025/05/22 4:4 p.m.3 views

SUSE-SU-2025:01662-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch when Some... value passed as properties argument to either function bsc1242631...

3.7CVSS5.6AI score0.00452EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 3:11 p.m.5 views

CVE-2020-11876

airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code...

7.5CVSS6.9AI score0.01664EPSS
Exploits1References1
OSV
OSV
added 2025/05/22 2:16 p.m.2 views

DEBIAN-CVE-2025-4575

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

6.5CVSS7.3AI score0.00292EPSS
Exploits0References1
NVD
NVD
added 2025/05/22 2:16 p.m.28 views

CVE-2025-4575

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

6.5CVSS0.00292EPSS
Exploits0References3
OSV
OSV
added 2025/05/22 2:16 p.m.14 views

CVE-2025-4575

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

6.5CVSS7.3AI score
Exploits0References3
OSV
OSV
added 2025/05/22 2:16 p.m.3 views

ALPINE-CVE-2025-4575

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

6.5CVSS7.2AI score0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/22 1:36 p.m.33 views

CVE-2025-4575 The x509 application adds trusted use instead of rejected use

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

0.00292EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/05/22 1:36 p.m.44 views

CVE-2025-4575

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

6.5CVSS6.7AI score0.00292EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/05/22 1:36 p.m.10 views

CVE-2025-4575 The x509 application adds trusted use instead of rejected use

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

6.6AI score0.00292EPSS
Exploits0References2
CVE
CVE
added 2025/05/22 1:36 p.m.295 views

CVE-2025-4575

OpenSSL CVE-2025-4575 affects the x509 application in OpenSSL 3.5 (and related mentions in 3.0–3.4 are not affected). A copy-paste error during minor refactoring causes the -addreject option to mark a certificate as trusted for a use instead of rejecting it, meaning a certificate intended to be r...

6.5CVSS6.6AI score0.00292EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2025/05/22 1:36 p.m.14 views

CVE-2025-4575

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...

6.5CVSS7.3AI score0.00292EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:18 a.m.17 views

CVE-2016-10931

An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification...

8.1CVSS6.7AI score0.00745EPSS
Exploits0References1
Rows per page
Query Builder