Lucene search
+L

53 matches found

OSV
OSV
added 2026/07/01 9:32 a.m.3 views

SUSE-SU-2026:22437-1 Security update for openssl-3

This update for openssl-3 fixes the following issue - CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption bsc1266350...

5.9CVSS5.9AI score0.00349EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 8:41 a.m.3 views

SUSE-SU-2026:22449-1 Security update for openssl-3

This update for openssl-3 fixes the following issue - CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption bsc1266350...

5.9CVSS5.9AI score0.00349EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/13 2:19 a.m.12 views

SUSE CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

6.5CVSS5.4AI score0.00349EPSS
Exploits0References10
Snyk
Snyk
added 2026/06/09 6:32 p.m.11 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in OSSLCRMFENCRYPTEDVALUEdecrypt. An attacker in a MitM position can return a CRMF CertRepMessage whose EncryptedValue carries a symmAlg field with an algorithm OID but no parameters, dereferencing NULL when the...

8.2CVSS7.1AI score0.00349EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 5:14 p.m.15 views

USN-8414-1 openssl vulnerabilities

Frank Buss discovered that OpenSSL had a heap buffer over-read in ASN.1 content parsing. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or obtain sensitive information. CVE-2026-34180 Pavol Zacik and Alex Gaynor discovered that OpenSSL...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.9 views

CVE-2026-42767 NULL Pointer Dereference in CRMF EncryptedValue Decryption

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

5.5AI score0.00349EPSS
Exploits0References6
OSV
OSV
added 2026/05/12 3:48 a.m.6 views

MINI-85MG-F4X3-CRMF

Bulletin has no description...

7.5CVSS5.7AI score0.00781EPSS
Exploits0
OSV
OSV
added 2026/04/30 3:30 p.m.7 views

MINI-RF68-CRMF-9J9X

Bulletin has no description...

8.8CVSS7.4AI score0.08123EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.31 views

EulerOS 2.0 SP8 : openssl (EulerOS-SA-2023-3141)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Application...

6.5CVSS6.6AI score0.75116EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.24 views

EulerOS Virtualization 3.0.6.6 : openssl098e (EulerOS-SA-2023-3409)

According to the versions of the openssl098e package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509...

7.5CVSS6.7AI score0.75116EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/10/31 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-3075)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.2AI score0.75116EPSS
Exploits0References2
Amazon
Amazon
added 2023/06/27 12:0 a.m.37 views

Medium: openssl11

Issue Overview: Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may...

6.5CVSS7AI score0.75116EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/06/22 12:0 a.m.94 views

Ubuntu 16.04 ESM : OpenSSL vulnerability (USN-6188-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6188-1 advisory. Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to...

6.5CVSS7AI score0.75116EPSS
Exploits0References2
OSV
OSV
added 2023/05/30 2:15 p.m.7 views

AZL-31144 CVE-2023-2650 affecting package edk2 for versions less than 20230301gitf80f052277c8-37

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.5CVSS6.6AI score0.75116EPSS
Exploits0References1
OSV
OSV
added 2023/05/30 1:40 p.m.39 views

CVE-2023-2650 Possible DoS translating ASN.1 object identifiers

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.5CVSS6.7AI score0.75116EPSS
Exploits0References14
Debian CVE
Debian CVE
added 2023/05/30 1:40 p.m.215 views

CVE-2023-2650

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.5CVSS6.5AI score0.75116EPSS
Exploits0
Cvelist
Cvelist
added 2023/05/30 1:40 p.m.39 views

CVE-2023-2650 Possible DoS translating ASN.1 object identifiers

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.9AI score0.75116EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.3 views

SUSE CVE-2013-1705

Heap-based buffer underflow in the cryptojsinterpretkeygentype function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Certificate Request Message Format CRMF request...

10CVSS8.9AI score0.03914EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.3 views

SUSE CVE-2013-1710

The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting XSS attacks...

10CVSS8.4AI score0.40118EPSS
Exploits13References8
OpenVAS
OpenVAS
added 2021/11/16 12:0 a.m.15 views

Mozilla Firefox Security Advisory (MFSA2013-65) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

10CVSS6.4AI score0.03914EPSS
Exploits0References3
Rows per page
Query Builder