Lucene search
K

18 matches found

Oracle linux
Oracle linux
added 2024/11/22 12:0 a.m.54 views

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

7.5CVSS7.4AI score0.95764EPSS
Exploits28
Tenable Nessus
Tenable Nessus
added 2023/07/20 12:0 a.m.32 views

Juniper Junos OS Multiple Vulnerabilities (JSA70186)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA70186 advisory. - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is...

7.5CVSS7AI score0.70561EPSS
Exploits2References3
ICS
ICS
added 2023/02/14 12:0 a.m.42 views

Siemens Brownfield Connectivity Client

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

10CVSS9.5AI score0.83223EPSS
Exploits5References11
Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.35 views

AlmaLinux 9 : openssl (ALSA-2022:6224)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:6224 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

10CVSS6.8AI score0.95764EPSS
Exploits6References6
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-5402-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.83223EPSS
Exploits5References2
Cloud Foundry
Cloud Foundry
added 2022/07/29 12:0 a.m.46 views

USN-5402-1: OpenSSL vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Elison Niven discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary commands when crehash is run. CVE-2022-1292 Raul Metsma...

10CVSS8.7AI score0.83223EPSS
Exploits5Affected Software3
OpenVAS
OpenVAS
added 2022/07/07 12:0 a.m.29 views

openSUSE: Security Advisory for openssl-3 (SUSE-SU-2022:2306-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS7.3AI score0.95764EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2022/07/07 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2022:2306-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.3AI score0.95764EPSS
Exploits6References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/04 1:19 p.m.42 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to multiple openSSL vulnerabilities in Node.js (CVE-2022-1434, CVE-2022-1343, CVE-2022-1473)

Summary IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a man-in-the-middle attack, remote attacker bypassing security restrictions and denial of service due to openSSL vulnerabilities in Node.js CVE-2022-1434, CVE-2022-1343, CVE-2022-1473. IBM App Connect provides a fix/fix...

7.5CVSS1.5AI score0.02386EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/17 6:45 p.m.107 views

Security Bulletin: IBM QRadar WinCollect is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., third party libraries that may be identified and exploited with automated tools. IBM QRadar WinCollect for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-1434 DESCRIPTION: OpenSSL is vulnerable to a...

10CVSS8.8AI score0.83223EPSS
Exploits14Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/05/27 12:0 a.m.52 views

Ubuntu 16.04 ESM : OpenSSL vulnerabilities (USN-5402-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5402-2 advisory. USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the...

10CVSS6.8AI score0.83223EPSS
Exploits5References3
Ubuntu
Ubuntu
added 2022/05/26 1:34 p.m.144 views

USN-5402-2: OpenSSL vulnerabilities

USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Elison Niven discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary...

10CVSS7AI score0.83223EPSS
Exploits5
OpenVAS
OpenVAS
added 2022/05/05 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-5402-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.83223EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2022/05/04 12:0 a.m.25 views

OpenSSL: Multiple Vulnerabilities (May 2022) - Windows

OpenSSL is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS6.8AI score0.83223EPSS
Exploits5References1
Circl
Circl
added 2022/05/03 8:33 p.m.3 views

CVE-2022-1473

creationtimestamp| type| source ---|---|--- 2022-05-03 20:33:59+00:00| seen| https://t.me/cibsecurity/41830...

7.5CVSS6.5AI score0.02386EPSS
Exploits0References1
CVE
CVE
added 2022/05/03 3:15 p.m.264 views

CVE-2022-1473

Summary: CVE-2022-1473 concerns a bug in the OPENSSL_LH_flush() function in OpenSSL 3.0 that breaks reuse of memory for removed hash table entries, used when decoding certificates or keys, leading to unbounded memory growth and potential DoS in long-lived processes (e.g., TLS clients/servers). Wh...

7.5CVSS8.2AI score0.02386EPSS
Exploits0References5Affected Software1
OpenSSL
OpenSSL
added 2022/05/03 12:0 a.m.57 views

Vulnerability in OpenSSL - Resource leakage when decoding certificates and keys

The OPENSSLLHflush function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will...

8.2AI score0.02386EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/05/03 12:0 a.m.375 views

OpenSSL 3.0.0 < 3.0.3 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.3 advisory. - The OPENSSLLHflush function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed has...

10CVSS7.4AI score0.83223EPSS
Exploits5References13
Rows per page
Query Builder