Lucene search
K

56 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.10 views

RockyLinux 9 : openssl (RLSA-2026:25239)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25239 advisory. openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing CVE-2026-7383 openssl: OpenSSL: Denial of Service due to...

9.1CVSS6.2AI score0.02719EPSS
Exploits0References31
OSV
OSV
added 2026/06/09 5:17 p.m.19 views

ALPINE-CVE-2026-45445

Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV...

7.5CVSS5.8AI score0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 4:3 p.m.44 views

CVE-2026-45445 AES-OCB IV Ignored on EVP_Cipher() Path

Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV...

0.0032EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6221

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.04425EPSS
Exploits0References32
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.46 views

NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2023-0074)

The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities: - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell...

10CVSS7.4AI score0.95764EPSS
Exploits6References5
Tenable Nessus
Tenable Nessus
added 2023/10/30 12:0 a.m.44 views

Ubuntu 22.04 LTS : Node.js vulnerabilities (USN-6457-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6457-1 advisory. Tavis Ormandy discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted...

10CVSS7.6AI score0.95764EPSS
Exploits8References5
Tenable Nessus
Tenable Nessus
added 2023/06/13 12:0 a.m.33 views

EulerOS Virtualization 3.0.6.0 : openssl (EulerOS-SA-2023-2242)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the da...

7.5CVSS7.6AI score0.59501EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/24 12:0 a.m.54 views

Tenable Sensor Proxy < 1.0.7 Multiple Vulnerabilities (TNS-2023-15)

According to its self-reported version, the Tenable Sensor Proxy application running on the remote host is version 1.0.6. It is, therefore, affected by multiple vulnerabilities in OpenSSL prior to version 1.1.1t: - An attacker that had observed a genuine connection between a client and a server...

7.5CVSS7.2AI score0.20444EPSS
Exploits0References6
Amazon
Amazon
added 2023/03/22 12:0 a.m.7 views

Medium: openssl

Issue Overview: AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in...

7.5CVSS6.9AI score0.04425EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.95 views

Amazon Linux 2023 : openssl, openssl-devel, openssl-libs (ALAS2023-2023-054)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-054 advisory. AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of...

7.5CVSS6.8AI score0.04425EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.43 views

CBL Mariner 2.0 Security Update: hvloader / openssl (CVE-2022-2097)

The version of hvloader / openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2097 advisory. - AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not...

5.3CVSS6.9AI score0.04425EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/17 12:0 a.m.51 views

Tenable Nessus Agent 8.3.3 / 8.3.4 Multiple Vulnerabilities (TNS-2023-13)

According to its self-reported version, the Tenable Nessus Agent running on the remote host is either 8.3.3 or 8.3.4. It is, therefore, affected by multiple vulnerabilities in OpenSSL prior to version 1.1.1t: - An attacker that had observed a genuine connection between a client and a server could...

7.5CVSS6.8AI score0.20444EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/03/07 12:0 a.m.85 views

Amazon Linux 2 : openssl11 (ALAS-2023-1974)

The version of openssl11 installed on the remote host is prior to 1.1.1g-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1974 advisory. AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the...

5.3CVSS6.9AI score0.04425EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.77 views

Debian dla-3325 : libssl-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3325 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3325-1 [email protected]...

7.5CVSS7.2AI score0.59501EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 3:33 a.m.5 views

SUSE CVE-2022-2097

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...

7.5CVSS6.4AI score0.04425EPSS
Exploits0References91
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/30 12:37 p.m.63 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Tivoli Netcool System Service Monitors/Application Service Monitors

Summary OpenSSL is used by IBM Tivoli Netcool System Service Monitors/Application Service Monitors for Network Transport. CVE-2022-2068 and CVE-2022-2097 are identified as potential risks for products using older versions of OpenSLL. These potential risks are resolved by updating IBM Tivoli Netco...

9.8CVSS8.4AI score0.95764EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/12/28 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-2895)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.2AI score0.95764EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2022/12/27 12:0 a.m.39 views

EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2022-2877)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script...

10CVSS7.3AI score0.95764EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2022/12/27 12:0 a.m.37 views

EulerOS Virtualization 2.10.1 : openssl (EulerOS-SA-2022-2895)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script...

10CVSS7.3AI score0.95764EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2022/11/05 12:0 a.m.28 views

Amazon Linux 2022 : openssl, openssl-devel, openssl-libs (ALAS2022-2022-195)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-195 advisory. A flaw was found in OpenSSL. The issue in CVE-2022-1292 did not find other places in the crehash script where it possibly passed the file names of certificates being hashed to a command execute...

10CVSS7.4AI score0.95764EPSS
Exploits8References13
Rows per page
Query Builder