Lucene search
K

25 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in OpenSSL

Issue summary: An invalid or NULL pointer dereference can occur in an application processing a malformed PKCS12 file. This can lead to a Denial of Service attack. Impact summary: An application processing a malformed PKCS12 file may inadvertently dereference an invalid or NULL pointer during memo...

5.5CVSS6.7AI score0.00144EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/17 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-8507

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds OOB write flaws. When parsing a PKCS12 file, with a = 1 GiB OCTET STRING or BIT STRING...

9.8CVSS5.6AI score0.00648EPSS
Exploits0References3
OSV
OSV
added 2026/05/03 9:57 a.m.5 views

OESA-2026-2189 compat-openssl11 security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An...

8.1CVSS7.5AI score0.00885EPSS
Exploits1References6
OSV
OSV
added 2026/04/27 6:33 p.m.10 views

JLSEC-2026-247 Null pointer dereference in PKCS12 parsing

Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates...

5.5CVSS5.4AI score0.03174EPSS
Exploits0References17
OSV
OSV
added 2026/02/12 2:47 p.m.6 views

SUSE-SU-2026:20349-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS7.4AI score0.47621EPSS
Exploits7References17
Tenable Nessus
Tenable Nessus
added 2026/02/04 12:0 a.m.3 views

openSUSE 16 Security Update : openssl-3 (openSUSE-SU-2026:20152-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20152-1 advisory. Security fixes: - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256829. - CVE-2025-15467: Stack buffer...

9.8CVSS5.7AI score0.47621EPSS
Exploits7References37
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.5 views

SUSE SLES15: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2026:0360-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0360-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in...

7.5CVSS6.7AI score0.00844EPSS
Exploits1References22
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.6 views

SUSE SLES15: libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-32bit / etc (SUSE-SU-2026:0359-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0359-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in...

7.5CVSS6.7AI score0.00844EPSS
Exploits1References22
SUSE Linux
SUSE Linux
added 2026/02/02 9:55 a.m.6 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2iex function...

6.9CVSS5.4AI score0.00844EPSS
Exploits1References28
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.5 views

SUSE SLES15: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2026:0346-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0346-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE...

7.5CVSS6.8AI score0.00844EPSS
Exploits1References22
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.4 views

Fedora 42 : openssl (2026-9bb4c555f1)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9bb4c555f1 advisory. Don't crash on parsing PKCS12 without MAC Resolves: CVE-2025-11187 Resolves: CVE-2025-15467 Resolves: CVE-2025-69419 Tenable has extracted the...

9.8CVSS7AI score0.47621EPSS
Exploits7References4
SUSE Linux
SUSE Linux
added 2026/01/29 6:34 p.m.8 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2iex function...

6.9CVSS5.9AI score0.00844EPSS
Exploits1References28
SUSE Linux
SUSE Linux
added 2026/01/28 9:38 a.m.4 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level...

9.8CVSS6AI score0.47621EPSS
Exploits7References32
OSV
OSV
added 2026/01/28 9:37 a.m.7 views

SUSE-SU-2026:0312-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS6.1AI score0.47621EPSS
Exploits7References17
OSV
OSV
added 2026/01/28 9:37 a.m.5 views

SUSE-SU-2026:0311-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS6.1AI score0.47621EPSS
Exploits7References17
OSV
OSV
added 2026/01/28 9:37 a.m.4 views

SUSE-SU-2026:0310-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS6.1AI score0.47621EPSS
Exploits7References17
Node JS Blog
Node JS Blog
added 2026/01/28 12:0 a.m.12 views

OpenSSL Security Advisory Assessment, January 2026

OpenSSL Security Advisory Assessment, January 2026 Summary The OpenSSL project released a security advisory that includes 12 CVEs. After assessment, we have concluded that three CVEs affect Node.js severity Low to Moderate. Given the limited attack surface, the OpenSSL updates will be included in...

9.8CVSS6.1AI score0.47621EPSS
Exploits7
OSV
OSV
added 2026/01/27 4:16 p.m.6 views

AZL-75893 CVE-2026-22795 affecting package edk2 20240524git3e722403cd16-14

Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a malformed PKCS12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type...

5.5CVSS5.7AI score0.00144EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.7 views

AZL-76119 CVE-2026-22795 affecting package edk2 for versions less than 20230301gitf80f052277c8-47

Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a malformed PKCS12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type...

5.5CVSS6.4AI score0.00144EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.5 views

AZL-78552 CVE-2026-22795 affecting package openssl-fips-provider 3.1.2-1

Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a malformed PKCS12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type...

5.5CVSS7AI score0.00144EPSS
Exploits1References1
Rows per page
Query Builder