Lucene search
+L

117 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : openssl-1.1.1k-4.el8 (AXSA:2021-2623:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2623:05 advisory. openssl: integer overflow in CipherUpdate CVE-2021-23840 openssl: NULL pointer dereference in X509issuerandserialhash CVE-2021-23841 Tenable has...

7.5CVSS7.1AI score0.50732EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 2: openssl (TSSA-2023:0336)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0336 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

7.5CVSS6.6AI score0.50732EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2025/04/08 9:13 p.m.12 views

CVE-2021-23841 affecting package shim-unsigned-aarch64 for versions less than 15.8-5

CVE-2021-23841 affecting package shim-unsigned-aarch64 for versions less than 15.8-5. A patched version of the package is available...

5.9CVSS6.2AI score0.07471EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/04/08 9:13 p.m.9 views

CVE-2021-23841 affecting package shim-unsigned-x64 for versions less than 15.8-5

CVE-2021-23841 affecting package shim-unsigned-x64 for versions less than 15.8-5. A patched version of the package is available...

5.9CVSS6.2AI score0.07471EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2021-23841

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OpenSSL public API function X509issuerandserialhash attempts to create a unique hash value based on the issuer and serial number data contained within an X5...

5.9CVSS6.4AI score0.07471EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2024/11/22 12:0 a.m.56 views

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

7.5CVSS7.4AI score0.96275EPSS
Exploits28
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.13 views

Photon OS 3.0: Nxtgn PHSA-2021-3.0-0200

An update of the nxtgn package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0200. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS7.4AI score0.50732EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2023/12/07 12:0 a.m.61 views

edk2 security update

20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

10CVSS7.9AI score0.96275EPSS
Exploits18
Oracle linux
Oracle linux
added 2023/12/07 12:0 a.m.61 views

edk2 security update

20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

10CVSS7.9AI score0.96275EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.24 views

Puppet Agent 6.x < 6.22.1 / 7.x < 7.6.1 Vulnerability

On February 16, 2021, OpenSSL published security updates addressing CVE-2021-23841, CVE-2021-23839, and CVE-2021-23840. Previous releases of Puppet Agent contain a vulnerable version of OpenSSL. For more information about this vulnerability, refer to the OpenSSL security announcement. Note that...

7.5CVSS6.6AI score0.50732EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/07 3:15 p.m.47 views

Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2021-23839, CVE-2021-23840, CVE-2021-23841

Summary There are vulnerabilities CVE-2021-23839, CVE-2021-23840, CVE-2021-23841 which affects IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2021-23839 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by incorrect SSLv2 rollback protection that...

7.5CVSS7.1AI score0.50732EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/24 2:14 p.m.52 views

Security Bulletin: IBM Safer Payments is vulnerable to multiple OpenSSL vulnerabilities (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Summary IBM Safer Payments uses OpenSSL. These OpenSSL vulnerabilities are addressed in IBM Safer Payments. Vulnerability Details CVEID:CVE-2021-23839 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by incorrect SSLv2 rollback protection that allows for the inversion of t...

7.5CVSS7.1AI score0.50732EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.43 views

K52833764: OpenSSL vulnerability CVE-2021-23841

Security Advisory Description The OpenSSL public API function X509issuerandserialhash attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer fie...

5.9CVSS7AI score0.07471EPSS
Exploits0
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.9 views

SA44846 - OpenSSL Security Advisory CVE-2021-23841

On February 16 2021, the OpenSSL project announced a new security advisory. These issues may affect Pulse Secure product. Refer to KB43892 - What releases will Pulse Secure apply fixes to resolve security vulnerabilities per our End of Engineering EOE and End of Life EOL policies. The OpenSSL...

7.5CVSS7.3AI score0.50732EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/02 5:0 p.m.52 views

Security Bulletin: IBM Aspera Orchestrator affected by OpenSSL vulnerabilities (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841)

Summary The following vulnerabilities have been addressed in IBM Aspera Orchestrator 4.0.1. Vulnerability Details CVEID:CVE-2021-23839 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by incorrect SSLv2 rollback protection that allows for the inversion of the logic during ...

7.5CVSS7.3AI score0.50732EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/01 4:35 p.m.65 views

Security Bulletin: IBM Security Guardium is affected by OpenSSL denial of service vulnerabilities (CVE-2021-23840, CVE-2021-23841)

Summary IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details CVEID: CVE-2021-23840 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to...

7.5CVSS7.5AI score0.50732EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.50 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2022-0017)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities: - Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is clo...

7.5CVSS6.5AI score0.50732EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 10:23 a.m.50 views

Security Bulletin: IBM InfoSphere Master Data Management Server vulnerability in OpenSSL

Summary The vulnerability in CVE-2021-23839, CVE-2021-23840, CVE-2021-23841 have been addressed in the latest interim Fix iFix available on Fix Central for all 3 affected versions. Vulnerability Details CVEID: CVE-2021-23839 DESCRIPTION: OpenSSL could provide weaker than expected security, caused...

7.5CVSS7AI score0.50732EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/30 4:2 p.m.41 views

Security Bulletin: IBM QRadar Network Security is affected by denial of service vulnerabilities in OpenSSL (CVE-2021-23840, CVE-2021-23841)

Summary IBM QRadar Network Security has addressed vulnerabilities in OpenSSL. The issues could lead to a denial of service. Vulnerability Details CVEID: CVE-2021-23840 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly lo...

7.5CVSS7.5AI score0.50732EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/17 8:29 a.m.49 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System.

Summary OpenSSL used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVEs CVE-2021-23840,CVE-2021-23841. Vulnerability Details CVEID: CVE-2021-23840 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in...

7.5CVSS7.1AI score0.50732EPSS
Exploits0Affected Software1
Rows per page
Query Builder