Lucene search
K

23343 matches found

Tenable Nessus
Tenable Nessus
added 2025/04/11 12:0 a.m.8 views

EulerOS 2.0 SP11 : openssl (EulerOS-SA-2025-1370)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact...

4.1CVSS6.4AI score0.00601EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.331 views

ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure

Exploit Tiltle: ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Summary: BACnet® Smart Building...

9.4CVSS7AI score0.02366EPSS
Exploits7
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/10 7:49 a.m.30 views

Security Bulletin: Vulnerabilities in Linux Kernel, MongoDB, Python, Samba, OpenSSL and cURL libcurl affect IBM Spectrum Protect Plus

Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in libcurl, MongoDB, Python, Samba, OpenSSL and Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, remote execution of arbitrary code and bypassing...

8CVSS9.5AI score0.00979EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2025/04/10 12:36 a.m.6 views

K000150784: OpenSSL vulnerability CVE-2024-13176

Security Advisory Description Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker...

4.1CVSS5.9AI score0.00601EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/10 12:0 a.m.5 views

PT-2025-20238 · Ао 'Сбертех' · Субд 'Platform V Pangolin Db'

Уязвимость системы управления базами данных Platform V Pangolin DB связана с конфликтом данных в BIO-структурах OpenSSL. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, перезаписать критически важные данные, ограничить возможность установки SSL-соединений и осуществить...

9CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2025/04/08 7:15 p.m.26 views

CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS6.6AI score0.00452EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/04/08 7:15 p.m.2 views

CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS5.8AI score0.00452EPSS
Exploits0References7Affected Software10
OSV
OSV
added 2025/04/08 7:15 p.m.6 views

AZL-61804 CVE-2025-3416 affecting package 389-ds-base 3.1.1-10

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS5.7AI score0.00452EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 7:15 p.m.2 views

DEBIAN-CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS4.8AI score0.00452EPSS
Exploits0References1
NVD
NVD
added 2025/04/08 7:15 p.m.9 views

CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS0.00452EPSS
Exploits0References6
OSV
OSV
added 2025/04/08 7:15 p.m.2 views

UBUNTU-CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS5.7AI score0.00452EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/04/08 6:24 p.m.8 views

CVE-2025-3416 Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS3.8AI score0.00452EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/04/08 6:24 p.m.13 views

CVE-2025-3416 Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS0.00452EPSS
Exploits0References6
CVE
CVE
added 2025/04/08 6:24 p.m.111 views

CVE-2025-3416

CVE-2025-3416 describes a Use-After-Free in rust-openssl used by OpenSSL for handling the properties argument, potentially causing undefined behavior or incorrect property parsing and treating input as an empty string. Connected advisories show this affects AWS Amazon Linux 2/AL2023 ecosystems vi...

3.7CVSS6.8AI score0.00452EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/04/08 6:24 p.m.8 views

CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS4.8AI score0.00452EPSS
Exploits0
OSV
OSV
added 2025/04/08 10:4 a.m.10 views

RHSA-2025:3666 Red Hat Security Advisory: openssl security update

Bulletin has no description...

5.9CVSS7.2AI score0.05582EPSS
Exploits1References8
Fedora
Fedora
added 2025/04/08 1:29 a.m.8 views

[SECURITY] Fedora 41 Update: openvpn-2.6.14-1.fc41

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

7.5CVSS6.9AI score0.00784EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/04/08 1:14 a.m.4 views

openssl: SSL_select_next_proto buffer overread

A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSLselectnextproto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called...

9.1CVSS6.8AI score0.05582EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/04/08 1:14 a.m.52 views

Low: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.1CVSS7.2AI score0.05582EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.4 views

OpenSSL 资源管理错误漏洞

OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols from the OpenSSL team. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

3.7CVSS4.8AI score0.00452EPSS
Exploits0References7
Rows per page
Query Builder