23343 matches found

SUSE CVE
added 2025/03/27 12:38 a.m. | 3 views

SUSE CVE-2002-0655

OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code...

CVSS 7.5 | AI score 7.4 | EPSS 0.08169
Exploits 0 | References 4

BDU FSTEC
added 2025/03/27 12:0 a.m. | 5 views

The vulnerability of the OpenSSL library, related to the hidden time channel, allows a hacker to recover the secret key.

The vulnerability of the OpenSSL library is related to a hidden time channel. Exploiting this vulnerability allows a malicious actor, operating remotely, to recover the secret key...

CVSS 4.3 | AI score 6.4 | EPSS 0.00601
Exploits 0 | References 17 | Affected Software 12

IBM Security Bulletins
added 2025/03/26 3:52 a.m. | 62 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed several security vulnerabilities including those in Java, Go, Python, OpenSSL and Node.js Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused b...

CVSS 9.8 | AI score 9.8 | EPSS 0.03872
Exploits 3 | Affected Software 1

IBM Security Bulletins
added 2025/03/26 2:27 a.m. | 234 views

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities (CVE-2022-34339, CVE-2021-3712, CVE-2021-3711, CVE-2021-4160, CVE-2021-29425, CVE-2021-3733, CVE-2021-3737, CVE-2022-0391, CVE-2021-43138, CVE-2022-24758)

Summary Security vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 FP6. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.2.3. A vulnerability where user credentials are stored in plain cleartext in a log and could be read by an authenticated us...

CVSS 9.8 | AI score 9.7 | EPSS 0.87816
Exploits 6 | Affected Software 2

Zero Day Initiative
added 2025/03/25 12:0 a.m. | 8 views

(0Day) Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of...

CVSS 7.8 | AI score 7.2 | EPSS 0.00182
Exploits 0

Zero Day Initiative
added 2025/03/25 12:0 a.m. | 7 views

(0Day) Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of...

CVSS 7.8 | AI score 7.2 | EPSS 0.00182
Exploits 0

OSV
added 2025/03/23 9:43 a.m. | 4 views

CLSA-2025-1742723010 openssl: Fix of CVE-2024-2408

CVE-2024-2408: introduce implicit rejection mechanism for RSA PKCS1 v1.5...

CVSS 5.9 | AI score 6.4 | EPSS 0.01158
Exploits 1 | References 1

OSV
added 2025/03/22 4:43 p.m. | 5 views

CLSA-2025-1742661821 openssl: Fix of CVE-2024-2408

CVE-2024-2408: introduce implicit rejection mechanism for RSA PKCS1 v1.5...

CVSS 5.9 | AI score 6.4 | EPSS 0.01158
Exploits 1 | References 1

OSV
added 2025/03/21 1:20 p.m. | 5 views

OESA-2025-1326 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check or...

CVSS 5.3 | AI score 7 | EPSS 0.01131
Exploits 0 | References 2

Tenable Nessus
added 2025/03/20 12:0 a.m. | 14 views

Azure Linux 3.0 Security Update: hvloader / openssl (CVE-2024-9143)

The version of hvloader / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-9143 advisory. - Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field...

CVSS 4.3 | AI score 7.4 | EPSS 0.05966
Exploits 0 | References 2

Tenable Nessus
added 2025/03/19 12:0 a.m. | 16 views

RockyLinux 9 : openssl (RLSA-2025:1330)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:1330 advisory. openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected CVE-2024-12797 Tenable has extracted the preceding description block directly fro...

CVSS 6.3 | AI score 7 | EPSS 0.02357
Exploits 0 | References 3

Tenable Nessus
added 2025/03/19 12:0 a.m. | 51 views

RockyLinux 9 : mysql (RLSA-2025:1671)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:1671 advisory. openssl: SSL_select_next_proto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date parser overread...

CVSS 9.1 | AI score 7.4 | EPSS 0.16212
Exploits 3 | References 99

Rockylinux
added 2025/03/17 8:17 p.m. | 12 views

openssl-ibmca bug fix and enhancement update

An update is available for openssl-ibmca. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linu...

AI score 6.8
Exploits 0

Rockylinux
added 2025/03/17 8:16 p.m. | 6 views

haproxy bug fix and enhancement update

An update is available for haproxy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The haproxy packages provide a reliable, high-performance network load balanc...

AI score 7.3
Exploits 0

Rockylinux
added 2025/03/17 8:16 p.m. | 3 views

httpd bug fix update

An update is available for httpd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...

AI score 7.2
Exploits 0

Rockylinux
added 2025/03/17 8:16 p.m. | 6 views

perl-Crypt-OpenSSL-RSA bug fix and enhancement update

An update is available for perl-Crypt-OpenSSL-RSA. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

AI score 6.8
Exploits 0

OSV
added 2025/03/17 8:16 p.m. | 14 views

RLSA-2024:9088 Moderate: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC CVE-2023-6129 openssl: Excessive time spent...

CVSS 6.5 | AI score 6.9 | EPSS 0.03174
Exploits 0 | References 5

OSV
added 2025/03/17 8:16 p.m. | 40 views

RLSA-2025:1671 Important: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSL_select_next_proto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...

CVSS 7.5 | AI score 8.5 | EPSS 0.16212
Exploits 3 | References 50

OSV
added 2025/03/17 8:16 p.m. | 16 views

RLSA-2024:9333 Low: openssl and openssl-fips-provider security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Unbounded memory growth with session handling in TLSv1.3 CVE-2024-2511 openssl: Excessive time...

CVSS 9.1 | AI score 9.4 | EPSS 0.54026
Exploits 1 | References 5

OSV
added 2025/03/17 8:16 p.m. | 14 views

RLSA-2025:1330 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected CVE-2024-12797 For more...

CVSS 7.4 | AI score 6.8 | EPSS 0.02357
Exploits 0 | References 2