Lucene search
K

891 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/02 9:34 p.m.8 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.3AI score0.00392EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

EulerOS 2.0 SP15 : python-pyasn1 (EulerOS-SA-2026-2504)

According to the versions of the python-pyasn1 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by...

7.5CVSS6.7AI score0.00679EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/26 11:28 a.m.38 views

CVE-2026-57914 Apache Kerby: StackOverflow on parsing deeply nested ASN1 structures

By sending a deeply nested ASN1 structure to a Apache Kerby client or service, it's possible to trigger a StackOverFlow Exception which can lead to denial of service issues. Users are recommended to upgrade to version 2.1.2, which fixes this issue...

0.00294EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.9 views

SUSE SLES15: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2026:2614-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2614-1 advisory. - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in...

8.8CVSS6.5AI score0.02719EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.9 views

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:2598-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2598-1 advisory. This update for openssl-3 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String...

8.8CVSS6.5AI score0.02719EPSS
Exploits0References25
Rockylinux
Rockylinux
added 2026/06/24 12:5 p.m.11 views

libtasn1 security update

An update is available for libtasn1. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A library that provides Abstract Syntax Notation One ASN.1, as specified by...

7.5CVSS7.4AI score0.01109EPSS
Exploits0
OSV
OSV
added 2026/06/24 12:5 p.m.5 views

RLSA-2026:28235 Low: libtasn1 security update

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions. Security Fixes: libtasn1: libtasn1: Denial of Service via stack-based...

5.9CVSS6.3AI score0.01109EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 9:2 a.m.2 views

SUSE-SU-2026:2614-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341....

8.8CVSS5.8AI score0.02719EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/23 11:58 p.m.11 views

Low: Red Hat Security Advisory: libtasn1 security update

An update for libtasn1 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

7.5CVSS7.9AI score0.01109EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 3:39 p.m.7 views

SUSE-SU-2026:2598-1 Security update for openssl-3

This update for openssl-3 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References17
OSV
OSV
added 2026/06/22 12:26 p.m.3 views

OPENSUSE-SU-2026:21005-1 Security update for openssl-3

This update for openssl-3 fixes the following issues - CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group bsc1259652. - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based...

9.1CVSS7.1AI score0.02719EPSS
Exploits0References30
OSV
OSV
added 2026/06/22 12:0 a.m.2 views

OPENSUSE-SU-2026:11079-1 ghc-crypton-asn1-parse-0.10.0-1.1 on GA media

These are all security issues fixed in the ghc-crypton-asn1-parse-0.10.0-1.1 package on the GA media of openSUSE Tumbleweed...

9.1CVSS5.9AI score0.00223EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 12:0 a.m.2 views

OPENSUSE-SU-2026:11078-1 ghc-crypton-asn1-encoding-0.10.0-1.1 on GA media

These are all security issues fixed in the ghc-crypton-asn1-encoding-0.10.0-1.1 package on the GA media of openSUSE Tumbleweed...

9.1CVSS5.9AI score0.00223EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 12:0 a.m.2 views

OPENSUSE-SU-2026:11080-1 ghc-crypton-asn1-types-0.4.1-1.1 on GA media

These are all security issues fixed in the ghc-crypton-asn1-types-0.4.1-1.1 package on the GA media of openSUSE Tumbleweed...

9.1CVSS5.9AI score0.00223EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.13 views

Amazon Linux 2023 : openssl, openssl-devel, openssl-fips-provider-latest (ALAS2023-2026-1853)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1853 advisory. Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitiveelement whose content exceeds 2 gigabytes in length may cause a heap bufferover-read on 64-bit Unix and Unix-like...

9.1CVSS6.5AI score0.02719EPSS
Exploits0References32
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.8 views

Amazon Linux 2 : edk2, --advisory ALAS2-2026-3363 (ALAS-2026-3363)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3363 advisory. Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitiveelement whose content exceeds 2 gigabytes in length may cause a heap bufferover-read on 64-bit Unix and Unix-like...

8.8CVSS6.8AI score0.02719EPSS
Exploits0References12
OSV
OSV
added 2026/06/16 6:53 a.m.5 views

SUSE-SU-2026:2404-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341....

8.8CVSS5.2AI score0.02719EPSS
Exploits0References11
OSV
OSV
added 2026/06/16 6:53 a.m.4 views

SUSE-SU-2026:2403-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341....

8.8CVSS5.2AI score0.02719EPSS
Exploits0References11
SUSE Linux
SUSE Linux
added 2026/06/15 2:34 p.m.7 views

Security update for openssl-3

This update for openssl-3 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.2CVSS5.3AI score0.02719EPSS
Exploits0References32
OSV
OSV
added 2026/06/13 12:5 a.m.12 views

RLSA-2026:25237 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing CVE-2026-73...

9.1CVSS5.8AI score0.02719EPSS
Exploits0References16
Rows per page
Query Builder