EUVD-2011-4502

Malware in sbrugna...

EUVD-2025-22030

Malicious code in bioql PyPI...

CVE-2025-49087

A flaw was found in mbedtls. A timing vulnerability exists within the PKCS7 padding removal process for block ciphers, allowing a remote attacker to potentially recover plaintext data. This exploitation occurs through the observation of the time it takes to process a crafted ciphertext, resulting...

CVE-2025-49087

In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS7 padding mode is used...

AIX OpenSSL Advisory : openssl_advisory3.asc

The version of OpenSSL running on the remote host is affected by the following vulnerabilities : - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a...

Juniper Steel-Belted Radius Multiple OpenSSL Vulnerabilities

The version of Juniper Steel-Belted Radius software installed on the remote RedHat or CentOS host is affected by multiple OpenSSL vulnerabilities : - The SSL 3.0 implementation in OpenSSL does not properly initialize data structures for block cipher padding, which could allow remote attackers to...

Mandriva Update for openssl MDVSA-2012:007 (openssl)

Check for the Version of openssl OpenVAS Vulnerability Test Mandriva Update for openssl MDVSA-2012:007 openssl Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

openssl: uninitialized SSL 3.0 padding

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer...

FreeBSD Ports: openssl

The remote host is missing an update to the system as announced in the referenced advisory. VID 78cc8a46-3e56-11e1-89b4-001ec9578670 OpenVAS Vulnerability Test $ Description: Auto generated from VID 78cc8a46-3e56-11e1-89b4-001ec9578670 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

openssl security update

0.9.7a-43.18 - CVE-2011-4576 - properly initialize SSL 3.0 block cipher padding 771775 - CVE-2011-4619 - fix SGC restart DoS attack 771780...

Mandriva Linux Security Advisory : openssl (MDVSA-2012:006)

Multiple vulnerabilities has been found and corrected in openssl : The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack CVE-2011-410...

Debian DSA-2390-1 : openssl - several vulnerabilities

Several vulnerabilities were discovered in OpenSSL, an implementation of TLS and related protocols. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2011-4108 The DTLS implementation performs a MAC check only if certain padding is valid, which make...

FreeBSD : OpenSSL -- multiple vulnerabilities (78cc8a46-3e56-11e1-89b4-001ec9578670)

The OpenSSL Team reports : 6 security flaws have been fixed in OpenSSL 1.0.0f : If X509VFLAGPOLICYCHECK is set in OpenSSL 0.9.8, then a policy check failure can lead to a double-free. OpenSSL prior to 1.0.0f and 0.9.8s failed to clear the bytes used as block cipher padding in SSL 3.0 records. As ...

CVE-2011-4576

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer...

CVE-2011-4576

OpenSSL CVE-2011-4576 affects SSL 3.0 padding initialization: the implementation does not properly initialize data structures for block cipher padding, allowing a remote attacker to potentially recover plaintext by decrypting the padding data. Affected releases: OpenSSL before 0.9.8s and 1.x befo...

OpenSSL 0.9.8 < 0.9.8s / 1.x < 1.0.0f Multiple Vulnerabilities

Binary data 6129.prm...