CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

485 matches found

SUSE CVE-2026-42769

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...

5.9CVSS5.7AI score0.00255EPSS

Exploits0References5

Fedora•added 5 days ago•7 views

[SECURITY] Fedora 44 Update: openssl-3.5.7-1.fc44

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

9.1CVSS5.4AI score0.01388EPSS

Exploits0

RedHat Linux•added 6 days ago•5 views

openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol CMP server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format CRMF CertRepMessage with a specific malformed EncryptedValue...

5.9CVSS5.4AI score0.00344EPSS

Exploits0References4

RedHat Linux•added 6 days ago•4 views

openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

A flaw was found in the Certificate Management Protocol CMP implementation within OpenSSL. An attacker with existing Registration Authority RA level credentials could exploit an error in the certificate verification process during a Root Certificate Authority CA key update. This vulnerability...

5.3CVSS5.5AI score0.00255EPSS

Exploits0References4

RedHat Linux•added 6 days ago•5 views

openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

5.9CVSS5.4AI score0.00344EPSS

Exploits0References4

RedHat Linux•added 6 days ago•3 views

openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

5.3CVSS5.5AI score0.00255EPSS

Exploits0References4

RedhatCVE•added 2026/06/10 1:34 p.m.•8 views

CVE-2026-42769

5.9CVSS5.1AI score0.00255EPSS

Exploits0References3

RedhatCVE•added 2026/06/10 1:34 p.m.•6 views

CVE-2026-42767

5.9CVSS5.4AI score0.00344EPSS

Exploits0References3

Tenable Nessus•added 2026/06/10 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-42767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact...

5.9CVSS5.5AI score0.00344EPSS

Exploits0References4

Tenable Nessus•added 2026/06/10 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-42769

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response...

5.3CVSS5.7AI score0.00255EPSS

Exploits0References3

EUVD•added 2026/06/09 6:30 p.m.•7 views

EUVD-2026-35484

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

5.9CVSS5.5AI score0.00344EPSS

Exploits0References7

EUVD•added 2026/06/09 6:30 p.m.•6 views

EUVD-2026-35486

5.3CVSS5.7AI score0.00255EPSS

Exploits0References6