23343 matches found
EulerOS 2.0 SP11 : openssl (EulerOS-SA-2025-1370)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact...
ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure
Exploit Tiltle: ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Summary: BACnet® Smart Building...
Security Bulletin: Vulnerabilities in Linux Kernel, MongoDB, Python, Samba, OpenSSL and cURL libcurl affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in libcurl, MongoDB, Python, Samba, OpenSSL and Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, remote execution of arbitrary code and bypassing...
K000150784: OpenSSL vulnerability CVE-2024-13176
Security Advisory Description Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker...
PT-2025-20238 · Ао 'Сбертех' · Субд 'Platform V Pangolin Db'
Уязвимость системы управления базами данных Platform V Pangolin DB связана с конфликтом данных в BIO-структурах OpenSSL. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, перезаписать критически важные данные, ограничить возможность установки SSL-соединений и осуществить...
CVE-2025-3416
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
CVE-2025-3416
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
AZL-61804 CVE-2025-3416 affecting package 389-ds-base 3.1.1-10
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
DEBIAN-CVE-2025-3416
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
CVE-2025-3416
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
UBUNTU-CVE-2025-3416
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
CVE-2025-3416 Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
CVE-2025-3416 Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
CVE-2025-3416
CVE-2025-3416 describes a Use-After-Free in rust-openssl used by OpenSSL for handling the properties argument, potentially causing undefined behavior or incorrect property parsing and treating input as an empty string. Connected advisories show this affects AWS Amazon Linux 2/AL2023 ecosystems vi...
CVE-2025-3416
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
RHSA-2025:3666 Red Hat Security Advisory: openssl security update
Bulletin has no description...
[SECURITY] Fedora 41 Update: openvpn-2.6.14-1.fc41
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...
openssl: SSL_select_next_proto buffer overread
A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSLselectnextproto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called...
Low: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
OpenSSL 资源管理错误漏洞
OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols from the OpenSSL team. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...