Lucene search
+L

60 matches found

nessus
nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 3: openssl (TSSA-2025:0334)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0334 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

9.8CVSS7.4AI score0.87816EPSS
Exploits1References2
ibm
ibm
added 2025/05/15 10:55 p.m.11 views

Security Bulletin: Astronomer with IBM is vulnerable to buffer overflow due to the OpenSSL package (CVE-2021-3711).

Summary OpenSSL is used by Astronomer with IBM as part of secure communications. Vulnerability Details CVEID:CVE-2021-3711 DESCRIPTION: OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVPPKEYdecrypt function within implementation of the SM2 decryption. By...

9.8CVSS8.2AI score0.87816EPSS
Exploits1Affected Software1
oraclelinux
oraclelinux
added 2024/11/22 12:0 a.m.55 views

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

7.5CVSS7.4AI score0.96275EPSS
Exploits28
cbl_mariner
cbl_mariner
added 2024/06/21 9:32 a.m.28 views

CVE-2021-3711 affecting package edk2 for versions less than 20240223gitedc6681206c1-1

CVE-2021-3711 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. A patched version of the package is available...

9.8CVSS9.4AI score0.87816EPSS
Exploits1
oraclelinux
oraclelinux
added 2023/12/07 12:0 a.m.61 views

edk2 security update

20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

10CVSS7.9AI score0.96275EPSS
Exploits18
oraclelinux
oraclelinux
added 2023/12/07 12:0 a.m.61 views

edk2 security update

20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

10CVSS7.9AI score0.96275EPSS
Exploits18
openvas
openvas
added 2022/12/20 12:0 a.m.25 views

Tenable Nessus Network Monitor < 6.0.0 Multiple Vulnerabilities (TNS-2022-02)

Tenable Nessus Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.5AI score
Exploits0References1
openvas
openvas
added 2022/12/14 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:4428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.88849EPSS
Exploits45References4
nessus
nessus
added 2022/12/14 12:0 a.m.51 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grafana (SUSE-SU-2022:4428-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4428-1 advisory. Version update from 8.3.10 to 8.5.13 jscPED-2145: - Security fixes: CVE-2022-36062: bsc1203596...

9.8CVSS7.3AI score0.88849EPSS
Exploits45References36
openvas
openvas
added 2022/11/18 12:0 a.m.84 views

Synology DiskStation Manager (DSM) 6.2.x, 7.x < 7.0.1-42218 OpenSSL Vulnerabilities (Synology-SA-21:24)

Synology DiskStation Manager DSM is prone to multiple vulnerabilities in OpenSSL. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS8.6AI score0.87816EPSS
Exploits1References1
nessus
nessus
added 2022/10/27 12:0 a.m.43 views

IBM Cognos Analytics Multiple Vulnerabilities (6828527)

The version of IBM Cognos Analytics installed on the remote host is affected by multiple vulnerabilities, including the following: - OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVPPKEYdecrypt function within implementation of the SM2 decryption. By sendin...

9.8CVSS8AI score0.87816EPSS
Exploits6References11
broadcom
broadcom
added 2022/09/13 12:0 a.m.50 views

CVE-2021-3711: ASN1_STRING structure contains a buffer holding the string data

In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...

9.8CVSS1AI score0.87816EPSS
Exploits1
broadcom
broadcom
added 2022/09/13 12:0 a.m.41 views

CVE-2021-3711: ASN1_STRING structure contains a buffer holding the string data

Security Advisory ID : BSA-2022-1586 Component : OpenSSL Revision : 2.0 In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and,...

9.8CVSS7.8AI score0.87816EPSS
Exploits1
nessus
nessus
added 2022/09/07 12:0 a.m.73 views

GLSA-202209-02 : IBM Spectrum Protect: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202209-02 IBM Spectrum Protect: Multiple Vulnerabilities - IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale...

9.8CVSS9.2AI score0.87816EPSS
Exploits10References9
openvas
openvas
added 2022/06/21 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2022:2134-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.99888EPSS
Exploits47References18
nessus
nessus
added 2022/05/16 12:0 a.m.75 views

Nessus Network Monitor < 6.0.1 Multiple Vulnerabilities (TNS-2022-10)

The version of Nessus Network Monitor NNM installed on the remote host is prior to 6.0.1. It is, therefore, affected by multiple vulnerabilities in third-party software. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C...

9.8CVSS7.1AI score0.87816EPSS
Exploits7References8
openvas
openvas
added 2022/04/13 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-1391)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.87816EPSS
Exploits1References2
openvas
openvas
added 2022/04/13 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-1417)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.87816EPSS
Exploits1References2
cbl_mariner
cbl_mariner
added 2022/04/09 6:51 a.m.28 views

CVE-2021-3711 affecting package openssl for versions less than 1.1.1k-11

CVE-2021-3711 affecting package openssl for versions less than 1.1.1k-11. A patched version of the package is available...

9.8CVSS9.2AI score0.87816EPSS
Exploits1
ibm
ibm
added 2022/03/28 4:18 p.m.59 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprise v11 & v12 (CVE-2021-3711)

Summary Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprsie. The DataDirect ODBC Drivers & Nodejs used by IBM App Connect Enterprise and IBM Integration Bus have addressed the applicable CVEs Vulnerability Details CVEID: CVE-2021-3711 DESCRIPTION: OpenSSL is...

9.8CVSS9.9AI score0.87816EPSS
Exploits1
Rows per page
Query Builder