Lucene search
K

26 matches found

CVE
CVE
added 2026/06/09 4:3 p.m.68 views

CVE-2026-42768

The CVE-2026-42768 issue concerns Bleichenbacher-style side-channel attacks against CMS_decrypt() and PKCS7_decrypt() in OpenSSL. The vulnerability arises when processing CMS or S/MIME messages with multiple RecipientInfo entries (KTRI). In variant 1, decryption is attempted without a recipient c...

3.7CVSS5.5AI score0.0035EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

OpenSSL 资源管理错误漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References1
Fedora
Fedora
added 2026/05/21 1:28 a.m.15 views

[SECURITY] Fedora 43 Update: nss-3.123.1-1.fc43

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/05/21 1:28 a.m.12 views

[SECURITY] Fedora 43 Update: opencryptoki-3.26.0-3.fc43

Opencryptoki implements the PKCS11 specification v3.0 and partially v3.1 for a set of cryptographic hardware, such as IBM 4767, 4768, 4769 and 4770 crypto cards, and the Trusted Platform Module TPM chip. Opencryptoki also brings a software token implementation that can be used without any cryptog...

6.8CVSS5.8AI score0.00162EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/24 2:20 a.m.5 views

CVE-2026-33317 OP-TEE: PKCS#11 TA out-of-bounds read and memory disclosure

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In versions 3.13.0 through 4.10.0, missing checks in entrygetattributevalue in ta/pkcs11/src/object.c can lead to out-of-bounds read from...

8.7CVSS5.5AI score0.00183EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.15 views

PT-2026-34837

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In versions 3.13.0 through 4.10.0, missing checks in entry get attribute value in ta/pkcs11/src/object.c can lead to out-of-bounds read...

8.7CVSS5.9AI score0.00183EPSS
Exploits2References6
Redos
Redos
added 2026/04/20 12:0 a.m.7 views

ROS-20260420-73-0009

A vulnerability in the PKCS12itemdecryptd2iex function of the OpenSSL library is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.00844EPSS
Exploits1
Cvelist
Cvelist
added 2026/04/10 3:10 a.m.25 views

CVE-2026-5500 Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass

wolfSSL's wcPKCS7DecodeAuthEnvelopedData does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸...

8.7CVSS0.00355EPSS
Exploits0References1
Fedora
Fedora
added 2026/03/31 12:27 a.m.8 views

[SECURITY] Fedora 44 Update: nss-3.121.0-1.fc44

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-11727

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists where it possible to force Network Security Services NSS to sign CertificateVerify with PKCS1 v1.5 signatures when those are the only one...

5.3CVSS7.3AI score0.01741EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/10 12:0 a.m.4 views

PT-2025-6067 · Unknown +2 · Pam Pkcs11 +2

Name of the Vulnerable Software and Affected Versions: PAM-PKCS11 versions 0.6.12 and prior Description: The issue affects a Linux-PAM login module that allows X.509 certificate-based user login. When a user presses ctrl-c/ctrl-d while being asked for a PIN, the pam pkcs11 module segfaults...

9.2CVSS8.1AI score0.00677EPSS
Exploits0References35
OSV
OSV
added 2024/09/03 10:15 p.m.1 views

UBUNTU-CVE-2024-45617

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...

3.9CVSS7AI score0.00302EPSS
Exploits0References6
OSV
OSV
added 2024/01/30 5:15 p.m.3 views

DEBIAN-CVE-2023-6258

A security vulnerability has been identified in the pkcs11-provider, which is associated with Public-Key Cryptography Standards PKCS11. If exploited successfully, this vulnerability could result in a Bleichenbacher-like security flaw, potentially enabling a side-channel attack on PKCS1 1.5...

8.1CVSS7.5AI score0.00565EPSS
Exploits0References1
OSV
OSV
added 2024/01/30 5:15 p.m.3 views

UBUNTU-CVE-2023-6258

A security vulnerability has been identified in the pkcs11-provider, which is associated with Public-Key Cryptography Standards PKCS11. If exploited successfully, this vulnerability could result in a Bleichenbacher-like security flaw, potentially enabling a side-channel attack on PKCS1 1.5...

8.1CVSS5.7AI score0.00565EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/01/30 4:55 p.m.27 views

CVE-2023-6258

A security vulnerability has been identified in the pkcs11-provider, which is associated with Public-Key Cryptography Standards PKCS11. If exploited successfully, this vulnerability could result in a Bleichenbacher-like security flaw, potentially enabling a side-channel attack on PKCS1 1.5...

8.1CVSS8AI score0.00565EPSS
Exploits0
OSV
OSV
added 2023/11/29 7:15 p.m.6 views

AZL-32051 CVE-2023-49083 affecting package python-cryptography for versions less than 3.3.2-6

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or loadderpkcs7certificates could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service...

7.5CVSS6.5AI score0.00985EPSS
Exploits1References1
OSV
OSV
added 2023/04/12 7:25 p.m.6 views

CLSA-2023-1681327540 nss: Fix of CVE-2023-0767

CVE-2023-0767: nss: improve handling of unknown PKCS12 safe bag types...

8.8CVSS6.9AI score0.00817EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/03/23 9:9 a.m.4 views

nss: Arbitrary memory write via PKCS 12

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled...

8.8CVSS7.4AI score0.00817EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/15 10:0 a.m.3 views

nss: Arbitrary memory write via PKCS 12

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled...

8.8CVSS7.4AI score0.00817EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.6 views

SUSE CVE-2016-10009

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...

7.3CVSS8AI score0.37431EPSS
Exploits4References17
Rows per page
Query Builder