Lucene search
K

418 matches found

alpinelinux
alpinelinux
added 2026/04/09 10:53 p.m.9 views

CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

8CVSS5.7AI score0.00175EPSS
Exploits0
ubuntucve
ubuntucve
added 2026/03/19 10:16 p.m.5 views

CVE-2026-4159

1-byte OOB heap read in wcPKCS7DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wcPKCS7DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted...

3.3CVSS5.8AI score0.00095EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/03/19 9:17 p.m.3 views

CVE-2026-4159 wc_PKCS7_DecodeEnvelopedData 1 byte out-of-bounds read

1-byte OOB heap read in wcPKCS7DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wcPKCS7DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted...

2.1CVSS5.8AI score0.00095EPSS
Exploits0References1
osv
osv
added 2026/03/19 5:16 p.m.7 views

UBUNTU-CVE-2026-0819

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wcPKCS7BuildSignedAttributes, when adding custom signed attributes, the code passes an incorrect capacity value esd-signedAttribsCount to EncodeAttributes instead of the remaining available space...

7.1CVSS6.1AI score0.00101EPSS
Exploits0References3
alpinelinux
alpinelinux
added 2026/03/19 4:54 p.m.2 views

CVE-2026-0819

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wcPKCS7BuildSignedAttributes, when adding custom signed attributes, the code passes an incorrect capacity value esd-signedAttribsCount to EncodeAttributes instead of the remaining available space...

7.1CVSS5.7AI score0.00101EPSS
Exploits0
debiancve
debiancve
added 2026/03/19 4:54 p.m.4 views

CVE-2026-0819

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wcPKCS7BuildSignedAttributes, when adding custom signed attributes, the code passes an incorrect capacity value esd-signedAttribsCount to EncodeAttributes instead of the remaining available space...

7.1CVSS5.8AI score0.00101EPSS
Exploits0
nessus
nessus
added 2026/03/16 12:0 a.m.4 views

EulerOS Virtualization 2.12.0 : nss (EulerOS-SA-2026-1504)

According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash...

6.5CVSS5.8AI score0.0063EPSS
Exploits0References2
nessus
nessus
added 2026/03/16 12:0 a.m.4 views

EulerOS Virtualization 2.12.1 : nss (EulerOS-SA-2026-1447)

According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash...

6.5CVSS6.9AI score0.0063EPSS
Exploits0References2
nessus
nessus
added 2026/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-3336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper certificate validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects...

8.7CVSS7.4AI score0.00771EPSS
Exploits0References2
nessus
nessus
added 2026/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-3338

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with...

8.7CVSS8.4AI score0.00779EPSS
Exploits0References2
osv
osv
added 2026/03/03 8:25 p.m.3 views

GHSA-HFPC-8R3F-GW53 AWS-LC has PKCS7_verify Signature Validation Bypass

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need...

7.5CVSS6AI score0.00779EPSS
Exploits0References6
nvd
nvd
added 2026/03/02 10:16 p.m.8 views

CVE-2026-3336

Improper certificate validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the final signer. Customers of AWS services do not need to take action. Applications using AWS-LC should...

8.7CVSS0.00771EPSS
Exploits0References7
cve
cve
added 2026/03/02 9:22 p.m.19 views

CVE-2026-3338

The vulnerability CVE-2026-3338 arises from improper signature validation in PKCS7_verify() within the AWS-LC library, allowing an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Affected component: AWS-LC. Root cause: flawed sign...

8.7CVSS5.9AI score0.00779EPSS
Exploits0References7Affected Software2
cvelist
cvelist
added 2026/03/02 9:22 p.m.19 views

CVE-2026-3338 PKCS7_verify Signature Validation Bypass in AWS-LC

Improper signature validation in PKCS7verify in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69...

8.7CVSS0.00779EPSS
Exploits0References3
amazon
amazon
added 2026/02/19 12:0 a.m.11 views

Important: edk2

Issue Overview: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths,...

7.5CVSS5.7AI score0.00844EPSS
Exploits1
amazon
amazon
added 2026/02/19 12:0 a.m.10 views

Important: openssl-snapsafe

Issue Overview: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TY...

7.5CVSS5.7AI score0.00844EPSS
Exploits1
nessus
nessus
added 2026/02/14 12:0 a.m.4 views

SUSE SLES11: libopenssl1-devel / libopenssl1_0_0 / libopenssl1_0_0-32bit / etc (SUSE-SU-2026:0498-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0498-1 advisory. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69420: Missing ASN1TYPE validation in...

7.5CVSS6.7AI score0.00844EPSS
Exploits1References13
osv
osv
added 2026/02/12 2:47 p.m.6 views

SUSE-SU-2026:20349-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS7.4AI score0.47621EPSS
Exploits7References17
nessus
nessus
added 2026/02/03 12:0 a.m.6 views

SUSE SLES15: libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-32bit / etc (SUSE-SU-2026:0359-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0359-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in...

7.5CVSS6.7AI score0.00844EPSS
Exploits1References22
nessus
nessus
added 2026/02/03 12:0 a.m.5 views

SUSE SLES12: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2026:0358-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0358-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyrespon...

7.5CVSS6.8AI score0.00844EPSS
Exploits1References22
Rows per page
Query Builder