Lucene search
+L

425 matches found

OSV
OSV
added 2 days ago5 views

MGASA-2026-0253 Updated openssl packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion. CVE-2026-7383 Out-of-Bounds Read in CMS Password-Based Decryption. CVE-2026-9076 Heap Buffer Over-read in ASN.1 Content Parsing. CVE-2026-34180 PKCS12 Files with PBMAC1 Are...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 4 days ago8 views

Important: Red Hat Security Advisory: compat-openssl11 security update

An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

8.8CVSS6.9AI score0.02719EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 4 days ago5 views

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

8.8CVSS6.2AI score0.02719EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/07 2:35 p.m.6 views

Important: Red Hat Security Advisory: compat-openssl10 security update

An update for compat-openssl10 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

8.8CVSS6AI score0.02719EPSS
Exploits0References2
OSV
OSV
added 2026/07/07 12:0 a.m.2 views

ALSA-2026:36215 Important: compat-openssl10 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. Security Fixes: openssl: Heap...

8.8CVSS6.1AI score0.02719EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-6678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption. CVE-2026-6678 Note th...

5.3CVSS6.1AI score0.0019EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.21 views

Linux Distros Unpatched Vulnerability : CVE-2026-7511

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be...

7.5CVSS6.1AI score0.00171EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.8 views

Oracle Linux 8 : openssl (ELSA-2026-50323)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50323 advisory. - Fix CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify Resolves: RHEL-180978 - Fix CVE-2024-4741: Use After Free with SSLfreebuffers Resolve...

8.8CVSS7.5AI score0.02945EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2026:2621-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2621-1 advisory. This update for openssl-11-livepatches fixes the following issues - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. Tenable has...

8.8CVSS7.1AI score0.02719EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/06/25 9:32 p.m.4 views

CVE-2026-7511

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

7.5CVSS5.7AI score0.00171EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 6:16 p.m.16 views

CVE-2026-6094

Heap buffer overread in wcPKCS7DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS...

9.1CVSS0.00294EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/25 4:51 p.m.8 views

CVE-2026-55961

wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...

8.2CVSS5.8AI score0.00095EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 4:35 p.m.31 views

CVE-2026-6094 Heap buffer overread in wc_PKCS7_DecodeEnvelopedData parsing crafted PKCS7 EnvelopedData

Heap buffer overread in wcPKCS7DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS...

6.3CVSS0.00294EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 4:35 p.m.7 views

EUVD-2026-39480

Heap buffer overread in wcPKCS7DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS...

6.3CVSS6AI score0.00294EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/25 4:35 p.m.7 views

CVE-2026-6094

Heap buffer overread in wcPKCS7DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS...

9.1CVSS5.9AI score0.00294EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.11 views

MiracleLinux 8 : openssl-1.1.1k-16.el8_6 (AXSA:2026-792:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-792:09 advisory. openssl: Use After Free with SSLfreebuffers CVE-2024-4741 openssl: Heap Use-After-Free in OpenSSL PKCS7verify CVE-2026-45447 Tenable has extracted th...

8.8CVSS6.9AI score0.02945EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2026:2410-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2410-1 advisory. This update for openssl-11-livepatches fixes the following issues - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. Tenable has...

8.8CVSS7.1AI score0.02719EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.5 views

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:2404-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2404-1 advisory. - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in...

8.8CVSS6.5AI score0.02719EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.9 views

SUSE SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2026:2396-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2396-1 advisory. This update for openssl-100 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.15 views

SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2026:2409-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2409-1 advisory. This update for openssl-11-livepatches fixes the following issues - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. Tenable has...

8.8CVSS7.1AI score0.02719EPSS
Exploits0References5
Rows per page
Query Builder