Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.5 views

Azure Linux 3.0 Security Update: edk2 / hvloader / nodejs18 / openssl (CVE-2023-0464)

The version of edk2 / hvloader / nodejs18 / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0464 advisory. - A security vulnerability has been identified in all supported versions of OpenS...

7.5CVSS6.2AI score0.03658EPSS
Exploits0References2
OSV
OSV
added 2024/02/23 11:6 a.m.11 views

OESA-2024-1168 nodejs security update

Node.js is an open-source, cross-platform, JavaScript runtime environment, it executes JavaScript code outside of a browser. Security Fixes: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include polic...

7.5CVSS8.3AI score0.99999EPSS
Exploits19References4
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.29 views

EulerOS Virtualization 2.11.1 : openssl (EulerOS-SA-2023-2736)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certifica...

7.5CVSS6.3AI score0.03658EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/24 1:49 p.m.91 views

Security Bulletin: IBM Rational Build Forge 8.0.0.25 addresses multiple vulnerabilities

Summary IBM Rational Build Forge 8.0.0.25 addresses multiple vulnerabilities Vulnerability Details CVEID:CVE-2023-42794 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by accumulation of temporary files on Windows when a web application opened a stream for an uploaded file...

7.8CVSS8.3AI score0.90407EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/05 8:9 p.m.32 views

Security Bulletin: IBM Spectrum Symphony openssl 1.1.1 End of Life

Summary IBM Spectrum Symphony openssl 1.1.1 End of Life Vulnerability Details CVEID:CVE-2023-0464 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error related to the verification of X.509 certificate chains that include policy constraints. By creating a specially crafted...

7.5CVSS7.3AI score0.73461EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/09/05 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2702)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.03658EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/01 12:0 a.m.47 views

Oracle Linux 9 : openssl (ELSA-2023-12768)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12768 advisory. 3.0.7-16.0.1 - Replace upstream references Orabug: 34340177 Tenable has extracted the preceding description block directly from the Oracle Linux...

7.5CVSS6.8AI score0.73461EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/06/09 12:0 a.m.42 views

Amazon Linux AMI : openssl (ALAS-2023-1762)

The version of openssl installed on the remote host is prior to 1.0.2k-16.163. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1762 advisory. A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.50...

7.5CVSS6.4AI score0.73461EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2023/06/09 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for compat-openssl10 (EulerOS-SA-2023-2187)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.03658EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/06/08 12:0 a.m.84 views

Amazon Linux 2 : openssl (ALAS-2023-2073)

The version of openssl installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2073 advisory. A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509...

7.5CVSS6.4AI score0.73461EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/05/31 12:0 a.m.41 views

Debian DSA-5417-1 : openssl - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5417 advisory. - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy...

7.5CVSS6.5AI score0.73461EPSS
Exploits0References12
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/24 2:12 p.m.50 views

Security Bulletin: OpenSSL security vulnerability CVE-2021-3449 and CVE-2021-3450 in IBM Safer Payments versions of 6.1 and 6.2 below 6.1.0.08 and 6.2.1.03

Summary CVE-2021-3449: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signaturealgorithms processing. By sending a specially crafted renegotiation ClientHello message from a client, a remote attacker could exploit this vulnerability to cause the TLS server t...

7.4CVSS7AI score0.62906EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/04/05 12:0 a.m.27 views

SUSE SLES12: libopenssl-devel / libopenssl1_0_0 / libopenssl1_0_0-32bit / etc (SUSE-SU-2023:1738-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:1738-1 advisory. - CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints bsc1209624. Tenable has extracted the preceding description block...

7.5CVSS6.7AI score0.03658EPSS
Exploits0References4
Prion
Prion
added 2023/03/22 5:15 p.m.70 views

Design/Logic Flaw

A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of...

5CVSS7.5AI score0.03658EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.326 views

OpenSSL 3.0.0 < 3.0.9 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.9. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.9 advisory. - The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate...

7.5CVSS6.3AI score0.03658EPSS
Exploits0References13
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/08 9:42 a.m.43 views

Security Bulletin: Multiple vulnerabilities in OpenSSL may affect IBM Workload Scheduler

Summary OpenSSL vulnerabilities CVE-2021-3449 and CVE-2021-3450 have been disclosed by the OpenSSL Project. OpenSSL is used by IBM Workload Scheduler. IBM Workload Scheduler has addressed the CVE Vulnerability Details CVEID: CVE-2021-3449 DESCRIPTION: OpenSSL is vulnerable to a denial of service,...

7.4CVSS0.7AI score0.62906EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/29 3:29 p.m.53 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2021-3449, CVE-2021-3450)

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-3449 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL...

7.4CVSS1AI score0.62906EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/14 2:0 p.m.37 views

Security Bulletin: IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerabilities (CVE-2021-3449 and CVE-2021-3450)

Summary IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerabilities CVE-2021-3449 and CVE-2021-3450. Vulnerability Details CVEID: CVE-2021-3449 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signaturealgorithms processing. By sending a...

7.4CVSS1.3AI score0.62906EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/15 4:3 p.m.47 views

Security Bulletin: OpenSSL for IBM i is affected by CVE-2021-3449 and CVE-2021-3450

Summary OpenSSL is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-3449 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signaturealgorithms processing. By sending a specially crafted renegotiation...

7.4CVSS2.2AI score0.62906EPSS
Exploits4Affected Software1
RedhatCVE
RedhatCVE
added 2021/02/10 9:36 p.m.34 views

CVE-2021-1721

A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...

6.5CVSS3AI score0.0334EPSS
Exploits0References5
Rows per page
Query Builder