Lucene search
K

30 matches found

Tenable Nessus
Tenable Nessus
added 4 days ago5 views

SUSE SLES15 Security Update : openssl-3-livepatches (SUSE-SU-2026:2662-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2662-1 advisory. This update for openssl-3-livepatches fixes the following issues - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC...

9.8CVSS6.4AI score0.47621EPSS
Exploits7References14
OSV
OSV
added 5 days ago2 views

SUSE-SU-2026:2662-1 Security update for openssl-3-livepatches

This update for openssl-3-livepatches fixes the following issues - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256878. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256876. - CVE-2025-15468: NULL dereference in SSLCIPHERfi...

9.8CVSS7.2AI score0.47621EPSS
Exploits7References10
NVD
NVD
added 2026/06/23 6:18 p.m.9 views

CVE-2026-57062

CMS Cryptographic Message Syntax parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182...

2.9CVSS0.0011EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/23 5:26 p.m.7 views

CVE-2026-57062

CMS Cryptographic Message Syntax parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182...

2.9CVSS5.8AI score0.0011EPSS
Exploits0
EUVD
EUVD
added 2026/06/23 5:26 p.m.6 views

EUVD-2026-38550

CMS Cryptographic Message Syntax parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182...

9.1CVSS5.8AI score0.00237EPSS
Exploits0References2
OSV
OSV
added 2026/06/11 12:51 p.m.3 views

SUSE-SU-2026:22143-1 Security update for openssl-3-livepatches

This update for openssl-3-livepatches fixes the following issues - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256878. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256876. - CVE-2025-15468: NULL dereference in SSLCIPHERfi...

9.8CVSS6.5AI score0.47621EPSS
Exploits7References10
Tenable Nessus
Tenable Nessus
added 2026/05/16 12:0 a.m.7 views

Amazon Linux 2023 : aws-cfn-bootstrap (ALAS2023-2026-1662)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1662 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks...

5.8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/23 7:19 p.m.2 views

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

9.8CVSS6.3AI score0.47621EPSS
Exploits7References4
Amazon
Amazon
added 2026/02/05 12:0 a.m.7 views

Important: openssl

Issue Overview: A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption...

8.8CVSS6.3AI score0.47621EPSS
Exploits7
RedHat Linux
RedHat Linux
added 2026/01/29 5:22 p.m.1 views

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

8.8CVSS6.3AI score0.47621EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2026/01/29 5:22 p.m.8 views

Important: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS7.4AI score0.47621EPSS
Exploits7References3
RedHat Linux
RedHat Linux
added 2026/01/29 12:24 a.m.9 views

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

8.8CVSS6.3AI score0.47621EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2026/01/29 12:24 a.m.13 views

Important: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS7.4AI score0.47621EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2026/01/29 12:0 a.m.15 views

RHEL 9 : openssl (RHSA-2026:1594)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1594 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

9.8CVSS7.4AI score0.47621EPSS
Exploits7References6
Tenable Nessus
Tenable Nessus
added 2026/01/29 12:0 a.m.4 views

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:0311-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0311-1 advisory. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in...

9.8CVSS7.2AI score0.47621EPSS
Exploits7References25
Tenable Nessus
Tenable Nessus
added 2026/01/29 12:0 a.m.3 views

RHEL 9 : openssl (RHSA-2026:1519)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1519 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

9.8CVSS7.4AI score0.47621EPSS
Exploits7References6
RedHat Linux
RedHat Linux
added 2026/01/28 5:17 p.m.4 views

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

8.8CVSS6.3AI score0.47621EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2026/01/28 5:17 p.m.29 views

Important: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS7.4AI score0.47621EPSS
Exploits7References3
RedHat Linux
RedHat Linux
added 2026/01/28 3:32 p.m.13 views

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

8.8CVSS6.3AI score0.47621EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2026/01/28 10:8 a.m.3 views

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

8.8CVSS6.3AI score0.47621EPSS
Exploits7References4
Rows per page
Query Builder