Lucene search
K

1116 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-41516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...

3.3CVSS6.2AI score0.00099EPSS
Exploits1References3
OSV
OSV
added 2026/07/06 8:16 p.m.2 views

DEBIAN-CVE-2026-41516

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

3.3CVSS6AI score0.00099EPSS
Exploits1References1
NVD
NVD
added 2026/07/06 8:16 p.m.6 views

CVE-2026-41516

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

3.3CVSS0.00099EPSS
Exploits1References1
EUVD
EUVD
added 2026/07/06 7:27 p.m.3 views

EUVD-2026-41908

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

2.5CVSS6AI score0.00099EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/07/06 7:27 p.m.5 views

CVE-2026-41516

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

3.3CVSS6AI score0.00099EPSS
Exploits1
EUVD
EUVD
added 2026/07/03 12:31 a.m.8 views

EUVD-2026-41441

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS6.3AI score0.00392EPSS
Exploits0References5
NVD
NVD
added 2026/07/02 10:16 p.m.8 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS0.00352EPSS
Exploits0References4
NVD
NVD
added 2026/07/02 10:16 p.m.6 views

CVE-2026-50721

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS0.00392EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 10:16 p.m.4 views

UBUNTU-CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.5AI score0.00392EPSS
Exploits0References6
OSV
OSV
added 2026/07/02 10:16 p.m.3 views

UBUNTU-CVE-2026-50721

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS6.5AI score0.00392EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/07/02 9:44 p.m.6 views

CVE-2026-50721

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS6.5AI score0.00392EPSS
Exploits0
CVE
CVE
added 2026/07/02 9:44 p.m.22 views

CVE-2026-50721

CVE-2026-50721 concerns Libreswan where the function RSA_authenticate_hash_signature_raw_rsa() does not properly verify the authentication hash length when the SIG payload of an IKEv1 packet is encoded using PKCS#1 RSA Encryption per RFC 2313. This enables a remote attacker to leverage a Bleichen...

8.1CVSS6.3AI score0.00392EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/07/02 9:34 p.m.28 views

CVE-2026-50722 IKEv2 Denial of Service via RSA-SHA1 (PKCS#1 RSASSA-PKCS1-v1_5) authentication payload

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS0.00352EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/07/02 9:34 p.m.7 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.5AI score0.00352EPSS
Exploits0
CVE
CVE
added 2026/07/02 9:34 p.m.20 views

CVE-2026-50722

Libreswan is affected by CVE-2026-50722 through RSA_authenticate_hash_signature_pkcs1_1_5_rsa, which fails to properly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload uses RSASSA-PKCS1-v1_5 (RFC 8017). This enables a remote attacker to perform a Bleichenbacher-like variati...

8.1CVSS6.3AI score0.00352EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/02 9:34 p.m.8 views

CVE-2026-50722

Libreswan, via the function RSAauthenticatehashsignaturepkcs115rsa, did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v15 RFC 8017. A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload...

8.1CVSS6.3AI score0.00392EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/26 9:27 p.m.4 views

Security Bulletin: Multiple Vulnerabilities in IBM Operator for PostgreSQL

Summary Multiple vulnerabilities were addressed in IBM Operator for PostgreSQL version v28.3.3. Vulnerability Details CVEID:CVE-2026-45447 DESCRIPTION: Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact...

8.8CVSS7.8AI score0.02719EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/26 11:6 a.m.3 views

SUSE-SU-2026:2648-1 Security update for openssl-3

This update for openssl-3 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.8CVSS6.3AI score0.02719EPSS
Exploits0References27
OSV
OSV
added 2026/06/25 6:16 p.m.4 views

UBUNTU-CVE-2026-6291

Bleichenbacher padding oracle in PKCS7 KTRI decryption. When decrypting PKCS7 EnvelopedData using RSA PKCS1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RSA padding validation failed versus whether the decrypted content was malformed. An attacker able to...

6.5CVSS5.8AI score0.00152EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 4:41 p.m.3 views

CVE-2026-6291

Bleichenbacher padding oracle in PKCS7 KTRI decryption. When decrypting PKCS7 EnvelopedData using RSA PKCS1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RSA padding validation failed versus whether the decrypted content was malformed. An attacker able to...

6CVSS5.9AI score0.00152EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder