Lucene search
+L

6 matches found

OSV
OSV
added 2026/07/10 9:17 a.m.1 views

OPENSUSE-SU-2026:21294-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270208. - CVE-2026-41677: openssl: out-of-bounds read in PEM password callback when returning an oversized length...

9.8CVSS6.2AI score0.00359EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-41678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that...

9.8CVSS5.9AI score0.00294EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/25 11:54 a.m.13 views

CVE-2026-41678

A flaw was found in rust-openssl, a library providing OpenSSL bindings for the Rust programming language. A remote attacker could exploit an incorrect assertion in the aes::unwrapkey function. This flaw causes the function to incorrectly validate buffer sizes, allowing a smaller output buffer tha...

9.8CVSS6AI score0.00294EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/24 5:18 p.m.10 views

EUVD-2026-25584

rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that out.len + 8 = in.len - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers a...

9.2CVSS5.5AI score0.00294EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34621

Name of the Vulnerable Software and Affected Versions rust-openssl versions prior to 0.10.78 Description The aes::unwrap key function contains an incorrect assertion regarding the output buffer size. It checks that out.len + 8 = in .len - 8. Consequently, the function accepts buffers that are too...

9.8CVSS5.4AI score0.00294EPSS
Exploits0References106
OSV
OSV
added 2021/02/03 5:15 p.m.5 views

CVE-2020-25855

The function AESUnWRAP in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for a memcpy operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An...

8.1CVSS6.5AI score0.02636EPSS
Exploits1References1
Rows per page
Query Builder