Lucene search
K

7 matches found

OSV
OSV
added 2026/06/26 1:59 p.m.2 views

SUSE-SU-2026:2662-1 Security update for openssl-3-livepatches

This update for openssl-3-livepatches fixes the following issues - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256878. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256876. - CVE-2025-15468: NULL dereference in SSLCIPHERfi...

9.8CVSS7.2AI score0.47621EPSS
Exploits7References10
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in gnutls28

A vulnerability has been discovered in gnutls. This security flaw occurs due to a double-free error that occurs during the verification of pkcs7 signatures in the gnutlspkcs7verify function...

7.5CVSS6.7AI score0.01492EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/09 6:32 p.m.6 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in PKCS7verify. An attacker supplying a PKCS7 or S/MIME signed message whose SignedData digestAlgorithms field is an empty ASN.1 SET can cause a caller-owned BIO to be freed during verification. A subsequent use of that B...

8.8CVSS7.7AI score0.02719EPSS
Exploits0References2
NVD
NVD
added 2026/04/02 6:16 p.m.2 views

CVE-2026-34610

The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when storing the Common Name CN length. An attacker who crafts a certificate with CN = victim's CN +...

5.9CVSS0.00162EPSS
Exploits0References3
OSV
OSV
added 2026/03/02 12:0 p.m.4 views

RUSTSEC-2026-0047 PKCS7_verify Signature Validation Bypass in AWS-LC

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. aws-lc-sys contains code from AWS-LC. Applications using...

7.5CVSS5.8AI score0.00779EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.10 views

AlmaLinux 9 : openssl (ALSA-2026:1473)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1473 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or Deni...

9.8CVSS6.2AI score0.47621EPSS
Exploits7References14
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.7 views

AlmaLinux 10 : openssl (ALSA-2026:1472)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1472 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or...

9.8CVSS7.4AI score0.47621EPSS
Exploits7References14
Rows per page
Query Builder