Lucene search
K

135 matches found

OSV
OSV
added 2026/06/26 11:6 a.m.2 views

SUSE-SU-2026:2648-1 Security update for openssl-3

This update for openssl-3 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.8CVSS6.3AI score0.02719EPSS
Exploits0References27
EUVD
EUVD
added 2026/06/25 7:38 p.m.3 views

EUVD-2026-39548

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...

8.7CVSS5.9AI score0.00145EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 6:16 p.m.8 views

CVE-2026-11999

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS0.00145EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 4:56 p.m.20 views

CVE-2026-11999

CVE-2026-11999 affects wolfSSL when built with --enable-opensslextra. The X509_verify_cert() path-depth exhaustion in wolfSSL_X509_verify_cert() can allow an attacker-controlled certificate to be accepted if the caller supplies untrusted intermediates and the chain depth exceeds the verifier’s ma...

8.2CVSS5.9AI score0.00145EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 4:46 p.m.19 views

CVE-2026-6091 Partial-chain verification accepts untrusted intermediate as trust anchor

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...

6CVSS0.00121EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 4:46 p.m.16 views

CVE-2026-6091

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. The vulnerability affects the wolfSSL OpenSSL compatibility certificate-path-building path (wolfSSL_X509_verify_cert / X509_STORE, OPENSSL_E...

6.5CVSS5.9AI score0.00121EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52563

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description An X.509 trust-chain bypass exists in the OpenSSL compatibility certificate verifier function wolfSSL X509 verify cert. This issue occurs in builds configured with --enable-opensslextra OPENS...

8.7CVSS5.8AI score0.00145EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/06/13 2:19 a.m.8 views

SUSE CVE-2026-42769

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...

5.9CVSS5.7AI score0.00262EPSS
Exploits0References8
Snyk
Snyk
added 2026/06/09 6:33 p.m.9 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in OSSLCMPget1rootCaKeyUpdate. An attacker with credentials that satisfy the CMP message protection checks, such as a Registration Authority, can replace the root CA certificate held by affected CMP clien...

6CVSS5.5AI score0.00262EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 6:30 p.m.15 views

EUVD-2026-35486

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...

5.3CVSS5.7AI score0.00262EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/09 4:3 p.m.34 views

CVE-2026-42769 Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...

0.00262EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.7 views

CVE-2026-42769 Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...

5.7AI score0.00262EPSS
Exploits0References5
CVE
CVE
added 2026/06/09 4:3 p.m.50 views

CVE-2026-42769

Summary: CVE-2026-42769 arises from an error in the CMP Root CA key rollover verification in OpenSSL. A typo in the certificate chain building code caused the verifier to add the wrong certificate ("newWithOld" instead of the intended "oldRoot") to the chain, rendering the verification ineffectiv...

5.3CVSS5.7AI score0.00262EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/09 12:0 a.m.5 views

UBUNTU-CVE-2026-42769

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...

5.3CVSS5.6AI score0.00262EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/04 7:8 p.m.11 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the OVN database connection process. An attacker can gain unauthorized access to sensitive network configuration data by presenting a rogue self-signed certificate chain during the TLS handshake, which is...

4.8CVSS5.8AI score0.00173EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/04 7:8 p.m.7 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the OVN database connection process. An attacker can gain unauthorized access to sensitive network configuration data by presenting a rogue self-signed certificate chain during the TLS handshake, which is...

4.8CVSS5.8AI score0.00173EPSS
Exploits1References2
OSV
OSV
added 2026/04/27 6:33 p.m.7 views

JLSEC-2026-272

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

8.1CVSS6.2AI score0.00631EPSS
Exploits0References6
OSV
OSV
added 2026/04/07 10:16 p.m.5 views

ALPINE-CVE-2026-28387

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

8.1CVSS6.2AI score0.00631EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-17921

Malware in sbrugna...

9.8CVSS9.3AI score0.00792EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-0244

Malware in sbrugna...

2.6CVSS6.3AI score0.06524EPSS
Exploits1References11
Rows per page
Query Builder