Lucene search
K

109 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.6 views

MiracleLinux 8 : openssl-1.1.1g-15.el8 (AXSA:2021-1621:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1621:02 advisory. openssl: NULL pointer dereference in signaturealgorithms processing CVE-2021-3449 openssl: CA certificate check bypass with X509VFLAGX509STRICT...

7.4CVSS7.9AI score0.62906EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.8 views

Alibaba Cloud Linux 3 : 0021: openssl (ALINUX3-SA-2021:0021)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0021 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3449: An OpenSSL TLS server may...

7.4CVSS7.7AI score0.62906EPSS
Exploits4References3
Rosalinux
Rosalinux
added 2025/04/30 8:30 a.m.22 views

Advisory ROSA-SA-2025-2858

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-14.0.2.rv30 CVE-ID: CVE-2020-1971 BDU-ID: 2021-00872 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of...

7.5CVSS7.8AI score0.62906EPSS
Exploits6
Oracle linux
Oracle linux
added 2024/11/22 12:0 a.m.51 views

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

7.5CVSS7.4AI score0.95764EPSS
Exploits28
Oracle linux
Oracle linux
added 2023/12/07 12:0 a.m.61 views

edk2 security update

20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

10CVSS7.9AI score0.95764EPSS
Exploits18
Oracle linux
Oracle linux
added 2023/12/07 12:0 a.m.61 views

edk2 security update

20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

10CVSS7.9AI score0.95764EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.47 views

Rocky Linux 8 : openssl (RLSA-2021:1024)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1024 advisory. - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello...

7.4CVSS7.7AI score0.62906EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.28 views

Puppet Agent 6.x < 6.22.1 / 7.x < 7.6.1. Vulnerability

On March 25, 2021, OpenSSL published security updates addressing CVE-2021-3450 and CVE-2021-3449. Previous releases of Puppet Agent contain a vulnerable version of OpenSSL. For more information about this vulnerability, refer to the OpenSSL security announcement:...

7.4CVSS7.8AI score0.62906EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2023/06/09 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for openssl111d (EulerOS-SA-2023-2183)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.2AI score0.62906EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2023/06/09 12:0 a.m.33 views

EulerOS 2.0 SP5 : openssl111d (EulerOS-SA-2023-2183)

According to the versions of the openssl111d packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation...

5.9CVSS7.7AI score0.62906EPSS
Exploits3References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/24 2:12 p.m.50 views

Security Bulletin: OpenSSL security vulnerability CVE-2021-3449 and CVE-2021-3450 in IBM Safer Payments versions of 6.1 and 6.2 below 6.1.0.08 and 6.2.1.03

Summary CVE-2021-3449: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signaturealgorithms processing. By sending a specially crafted renegotiation ClientHello message from a client, a remote attacker could exploit this vulnerability to cause the TLS server t...

7.4CVSS7AI score0.62906EPSS
Exploits4Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.40 views

K83623027: OpenSSL vulnerability CVE-2021-3449

Security Advisory Description An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a...

5.9CVSS7AI score0.62906EPSS
Exploits3
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.10 views

SA44845 - OpenSSL Security Advisory CVE-2021-3450

On March 25 2021, the OpenSSL project announced a new security advisory. These issues may affect Pulse Secure product. Refer to KB43892 - What releases will Pulse Secure apply fixes to resolve security vulnerabilities per our End of Engineering EOE and End of Life EOL policies. The OpenSSL adviso...

7.4CVSS7.2AI score0.62906EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2022/07/14 12:0 a.m.51 views

SUSE SLES15: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2021:0955-2)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:0955-2 advisory. This update for openssl-11 fixes the security issue: CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation...

5.9CVSS7.1AI score0.62906EPSS
Exploits3References4
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/01 1:37 p.m.46 views

Security Bulletin: Multiple Vulnerabilities in Node.js affects IBM Netcool Agile Service Manager

Summary Multiple vulnerabilities in Node.js used by IBM Netcool Agile Service Manager have been identified. Netcool Agile Service Manager has addressed these CVEs. Vulnerability Details CVEID: CVE-2021-3450 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions, caused...

9.8CVSS9.8AI score0.77385EPSS
Exploits20Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/23 7:47 p.m.79 views

Security Bulletin: IBM Security Verify Adapters are vulnerable to denial of service and bypass security restrictions due to OpenSSL (CVE-2021-3449, CVE-2021-3450)

Summary OpenSSL is used by the IBM Security Verify Adapters as part of its SSL communication. IBM Security Verify Adapters are vulnerable to denial of service CVE-2021-3449 and could allow a remote attacker to bypass security restrictions CVE-2021-3450 The fix includes OpenSSL version 1.1.1k...

7.4CVSS2.2AI score0.62906EPSS
Exploits4Affected Software3
ICS
ICS
added 2022/03/08 12:0 a.m.128 views

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerability: Using Components with Known Vulnerabilities 2. RISK EVALUATION Successful exploitation of this vulnerability in third-party components could allow an attacker...

9.8CVSS8.4AI score0.21952EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.154 views

AlmaLinux 8 : openssl (ALSA-2021:1024)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1024 advisory. - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello...

7.4CVSS7.7AI score0.62906EPSS
Exploits4References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/07 2:16 p.m.40 views

Security Bulletin: This Power System update is being released to address CVE 2021-3450 and CVE 2021-3449

Summary POWER9: In response to security issues with BMC's HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue numbers CVE 2021-3450 and CVE 2021-3449. Vulnerability Details CVEID: CVE-2021-3450 DESCRIPTION: OpenSSL could allow a...

7.4CVSS7.2AI score0.62906EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/10/13 12:0 a.m.52 views

Security Updates for Microsoft Visual Studio Products (October 2021)

The Microsoft Visual Studio Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Multiple denial of service DoS vulnerabilities exist in Visual Studio. An unauthenticated, remote attacker can exploit these issues to impose a DoS condition on the...

7.8CVSS7.8AI score0.62906EPSS
Exploits4References9
Rows per page
Query Builder