Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.10 views

TencentOS Server 4: openssl (TSSA-2024:0034)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0034 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

6.5CVSS6.8AI score0.73461EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.19 views

Siemens SIMATIC and SCALANCE Products Inadequate Encryption Strength (CVE-2023-0466)

The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate...

5.3CVSS6.3AI score0.01625EPSS
Exploits0References21
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/28 7:47 p.m.50 views

Security Bulletin: Vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches.

Summary Public disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. The vulnerability has been addressed and can be resolved by applying the NX-OS code level listed below. Vulnerability Details CVEID:CVE-2023-0466 DESCRIPTION: OpenSSL could allow a remo...

5.3CVSS6.3AI score0.01625EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.28 views

EulerOS Virtualization 2.11.0 : openssl (EulerOS-SA-2023-2767)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certifica...

7.5CVSS6.3AI score0.03658EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/12/07 12:37 p.m.2 views

openssl: Certificate policy check not enabled

A flaw was found in OpenSSL. The X509VERIFYPARAMadd0policy function is documented to enable the certificate policy check when doing certificate verification implicitly. However, implementing the function does not enable the check, allowing certificates with invalid or incorrect policies to pass t...

5.3CVSS6.6AI score0.01625EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/09/05 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2702)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.03658EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/04/07 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2023:1790-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.03658EPSS
Exploits0References6
NVD
NVD
added 2023/03/28 3:15 p.m.20 views

CVE-2023-0466

The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate...

5.3CVSS6.4AI score0.01625EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2023/03/28 3:15 p.m.43 views

CVE-2023-0466

The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate...

5.3CVSS6.8AI score0.01625EPSS
Exploits0References4
OSV
OSV
added 2023/03/28 3:15 p.m.10 views

UBUNTU-CVE-2023-0466

The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate...

5.3CVSS6.7AI score0.01625EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2023/03/28 2:30 p.m.38 views

CVE-2023-0466

The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate...

5.3CVSS6.8AI score0.01625EPSS
Exploits0
CVE
CVE
added 2023/03/28 2:30 p.m.368 views

CVE-2023-0466

CVE-2023-0466 relates to OpenSSL where X509_VERIFY_PARAM_add0_policy() does not enable the policy check, allowing certificates with invalid policies to bypass verification. The issue is mitigated by enabling policy checks via X509_VERIFY_PARAM_set1_policies() or X509_V_FLAG_POLICY_CHECK, and has ...

5.3CVSS6.6AI score0.01625EPSS
Exploits0References10Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/28 2:30 p.m.14 views

CVE-2023-0466 Certificate policy check not enabled

The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate...

5.4AI score0.01625EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2023/03/28 2:30 p.m.56 views

CVE-2023-0466

The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate...

5.3CVSS6.3AI score0.01625EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.326 views

OpenSSL 3.0.0 < 3.0.9 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.9. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.9 advisory. - The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate...

7.5CVSS6.3AI score0.03658EPSS
Exploits0References13
Rows per page
Query Builder