CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Github Security Blog•added 2026/05/19 7:50 p.m.•8 views

rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers

CipherCtxRef::cipherupdateinplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corruption whe...

5.8AI score

Exploits0References2Affected Software1

RedhatCVE•added 2026/05/19 7:7 p.m.•7 views

CVE-2026-44662

A flaw was found in rust-openssl. When using AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad with an input that is not a multiple of 8, the output buffers are incorrectly sized. This can lead to attacker-controllable heap corruption, allowing an attacker to write up to 7 bytes past the...

5.1CVSS5.7AI score0.00006EPSS

Exploits0References2

Tenable Nessus•added 2026/05/15 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-44662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate,...

5.1CVSS5.9AI score0.00006EPSS

Exploits0References3

OSV•added 2026/05/14 9:16 p.m.•0 views

DEBIAN-CVE-2026-44662

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS5.9AI score0.00006EPSS

Exploits0References1