Lucene search
K

23343 matches found

Tenable Product Security Advisories
Tenable Product Security Advisories
added 2025/04/16 3:36 p.m.10 views

[R1] Stand-alone Security Patch Available for Tenable Security Center versions 6.3.0, 6.4.0, 6.4.5 and 6.5.1: SC-202504.2

R1 Stand-alone Security Patch Available for Tenable Security Center versions 6.3.0, 6.4.0, 6.4.5 and 6.5.1: SC-202504.2 Arnie Cabral Wed, 04/16/2025 - 11:36 Security Center leverages third-party software to help provide underlying functionality. Several of the third-party components OpenSSL,...

7.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/04/15 7:46 p.m.38 views

Important: Red Hat Security Advisory: ACS 4.5 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security RHACS. This release of RHACS includes the following bug fix: Fixed a bug to match the aggregation field of the compliance tables to the widgets for consistency. This release also addresses the following security vulnerabilitie...

7.5CVSS6.7AI score0.01009EPSS
Exploits2References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:54 a.m.45 views

Security Bulletin: Vulnerabilities in OpenSSH and OpenSSL affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in OpenSSH and OpenSSL affect IBM Storage Virtualize products and could allow arbitrary code execution, authentication bypass and denial of service. CVE-2024-6387 CVE-2024-6409 CVE-2023-2975 CVE-2023-3446 CVE-2023-3817 CVE-2023-5678. Vulnerability Details CVEID:CVE-2024-63...

8.1CVSS8.4AI score0.99506EPSS
Exploits68Affected Software6
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:47 a.m.27 views

Security Bulletin: AIX is vulnerable to information disclosure (CVE-2024-13176) or arbitrary code execution or a denial of service (CVE-2024-9143) due to OpenSSL

Summary Vulnerabilities in OpenSSL could allow an attacker to recover a private key CVE-2024-13176 or execute arbitrary code or cause a denial of service CVE-2024-9143. OpenSSL is used by AIX as part of AIX's secure network communications. Vulnerability Details CVEID:CVE-2024-13176 DESCRIPTION:...

4.3CVSS6.4AI score0.05966EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:45 a.m.37 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.8 LTS and 12.8.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

9.8CVSS9.9AI score0.01298EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:3 a.m.85 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.7.0 Vulnerability Details CVEID:CVE-2024-43380 DESCRIPTION: floraison fugit is vulnerable to a denial of service, caused by improper input validation by the natural parser. By sending a specially crafted request,...

8.8CVSS10AI score0.35447EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:50 a.m.71 views

Security Bulletin: IBM QRadar Network Packet Capture includes components with multiple known vulnerabilities

Summary The product includes multiple vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM has addressed the relevant CVEs. Vulnerability Details CVEID:CVE-2024-0553 DESCRIPTION: GnuTLS could allow a remote attacker to obtain sensitive...

7.8CVSS9.8AI score0.19753EPSS
Exploits19Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:41 a.m.69 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by security flaws in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and Apache Xerces C++ XML parser, and Data Protection for VMware. The flaws can lead to server-side request forgery,...

9.8CVSS9.8AI score0.78483EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:22 a.m.49 views

Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

Summary IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities. IBM has addressed the relevant vulnerabilities with updates. Vulnerability Details CVEID:CVE-2020-19909 DESCRIPTION: cURL libcurl is vulnerable to a denial of service, caused by an integer overflow in...

9.8CVSS9.6AI score0.78483EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:20 a.m.72 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-42503 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of...

9.8CVSS9.5AI score0.07269EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:18 a.m.29 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and IBM Java may affect IBM Storage Protect for Virtual Environments: Data Protection for Microsoft Hyper-V

Summary IBM Storage Protect for Virtual Environments: Data Protection for Microsoft Hyper-V can be affected by security flaws in IBM WebSphere Application Server Liberty, OpenSSL, libcurl, and IBM Java. The flaws can lead to denial of service, sensitive information exposure, memory resource...

7.5CVSS8.1AI score0.06208EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/04/13 12:0 a.m.8 views

RHEL 9 : openssl (RHSA-2025:3666)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3666 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

9.1CVSS7.6AI score0.05582EPSS
Exploits1References5
Rosalinux
Rosalinux
added 2025/04/11 9:55 p.m.7 views

Advisory ROSA-SA-2025-2816

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-14.0.2.rv30 CVE-ID: CVE-2024-5535 BDU-ID: 2024-06988 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSLselectnextproto function of the SSL toolkit for the TLS and SSL OpenSSL protocols is related to informatio...

9.1CVSS9.1AI score0.05582EPSS
Exploits1
OSV
OSV
added 2025/04/11 5:10 p.m.4 views

CLSA-2024-1729546540 openssl: Fix of CVE-2024-6119

CVE-2024-6119: avoid type errors in EAI-related name check logic...

7.5CVSS6.9AI score0.66594EPSS
Exploits0References1
OSV
OSV
added 2025/04/11 4:52 p.m.3 views

CLSA-2024-1709548308 openssl: Fix of CVE-2023-5363

CVE-2023-5363: process key length and iv length early if present...

7.5CVSS6.8AI score0.03332EPSS
Exploits0References1
Fedora
Fedora
added 2025/04/11 1:53 a.m.9 views

[SECURITY] Fedora 40 Update: openvpn-2.6.14-1.fc40

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

7.5CVSS7.6AI score0.00784EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/11 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-3296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style...

5.9CVSS6.2AI score0.00415EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.331 views

ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure

Exploit Tiltle: ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Summary: BACnet® Smart Building...

9.4CVSS7AI score0.02366EPSS
Exploits7
OpenVAS
OpenVAS
added 2025/04/11 12:0 a.m.6 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2025-1369)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.1CVSS4.9AI score0.00601EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/11 12:0 a.m.8 views

EulerOS 2.0 SP11 : openssl (EulerOS-SA-2025-1370)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact...

4.1CVSS6.4AI score0.00601EPSS
Exploits0References2
Rows per page
Query Builder