Lucene search
K

23 matches found

Oracle linux
Oracle linux
added 2024/11/22 12:0 a.m.51 views

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

7.5CVSS7.4AI score0.95764EPSS
Exploits28
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/28 3:16 p.m.28 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Integrated Analytics System [CVE-2022-4450, CVE-2023-0216, CVE-2023-0401, CVE-2022-4203, CVE-2023-0217]

Summary Redhat provided OpenSSL is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2022-4450, CVE-2023-0216, CVE-2023-0401, CVE-2022-4203, CVE-2023-0217 Vulnerability Details CVEID:CVE-2022-4450 DESCRIPTION: OpenSSL is vulnerable to a...

7.5CVSS6.6AI score0.20444EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.43 views

openSUSE: Security Advisory for openssl (SUSE-SU-2023:0312-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.59501EPSS
Exploits0References2
ICS
ICS
added 2024/02/13 12:0 a.m.70 views

Siemens SINEC NMS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS10AI score0.20444EPSS
Exploits0References12
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/17 2:45 p.m.37 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Observability with Instana (Agent container image)

Summary OpenSSL is used by IBM Observability with Instana Self-hosted on Docker as part of it's container images. CVE-2023-0286, CVE-2022-4304, CVE-2023-0215, CVE-2022-4450, CVE-2022-4203, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401 Vulnerability Details CVEID:CVE-2023-0286 DESCRIPTION: OpenSSL i...

7.5CVSS8AI score0.59501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/25 1:36 p.m.68 views

Security Bulletin: IBM App Connect Enterprise Certified Container Dashboard operands are vulnerable to denial of service and loss of confidentiality due to multiple vulnerabilities

Summary OpenSSL is present in the IBM App Connect Enterprise Certified Container Dashboard operand image. OpenSSL is vulnerable to denial of service and loss of confidentiality. This bulletin provides patch information to address the reported vulnerability in OpenSSL. CVE-2023-0217, CVE-2023-1255...

7.5CVSS7.2AI score0.02846EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/30 12:33 p.m.50 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Tivoli Netcool System Service Monitors/Application Service Monitors (CVE-2022-4304, CVE-2023-0215, CVE-2023-0286,CVE-2022-4450, CVE-2023-0216, CVE-2023-0401, CVE-2022-4203, CVE-2023-0217)

Summary There is a security advisory for openSSL1.0.2r which is used by IBM Tivoli Netcool System Service Monitors/Application Service Monitors 4.0.1 Vulnerability Details CVEID:CVE-2022-4450 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error related to the...

7.5CVSS7AI score0.59501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/22 5:20 p.m.94 views

Security Bulletin: IBM MQ Advanced Message Security on IBM i platform is affected by multiple issues in OpenSSL (CVE-2022-4203, CVE-2022-4304, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401)

Summary Multiple issues were identified with OpenSSL, which IBM MQ on the IBM i platform uses within the Advanced Message Security feature to provide cryptographic functionality. It is not used for transport layer security TLS functionality for IBM MQ channel connections, which is provided by the...

7.5CVSS7.6AI score0.20444EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/05/12 12:0 a.m.52 views

Nessus Network Monitor < 6.2.1 Multiple Vulnerabilities (TNS-2023-19)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-19 advisory. - Nessus Network Monitor leverages third-party software to help provide underlying...

9.8CVSS8AI score0.34174EPSS
Exploits3References24
OpenVAS
OpenVAS
added 2023/04/12 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2023-0130)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.59501EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2023/03/17 12:0 a.m.57 views

Tenable Nessus Agent 10.x >= 10.2.1 and < 10.3.2 Multiple Vulnerabilities (TNS-2023-12)

According to its self-reported version, the Tenable Nessus Agent running on the remote host is between 10.2.1 and 10.3.2. It is, therefore, affected by multiple vulnerabilities in OpenSSL prior to version 3.0.8: - An attacker that had observed a genuine connection between a client and a server...

7.5CVSS7AI score0.20444EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/15 5:50 p.m.52 views

Security Bulletin: Multiple vulnerabilities within OpenSSL and Node.js affect IBM App Connect Enterprise and IBM Integration Bus

Summary IBM App Connect Enterprise and IBM Integration Bus are vulnerable to denial of service and remote attack due to OpenSSL and Node.js. CVE-2022-4450, CVE-2023-0216 & CVE-2023-0401, CVE-2022-4203, CVE-2023-0217, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286 & CVE-2022-25881. The fix includes...

7.5CVSS7.5AI score0.59501EPSS
Exploits1Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/03/08 12:0 a.m.94 views

Tenable Nessus 10.x >= 10.2.1 and < 10.4.3 Multiple Vulnerabilities (TNS-2023-11)

According to its self-reported version, the Tenable Nessus application running on the remote host is between 10.2.1 and 10.4.2. It is, therefore, affected by multiple vulnerabilities in OpenSSL prior to version 3.0.8: - An attacker that had observed a genuine connection between a client and a...

7.5CVSS7.4AI score0.20444EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2023/02/28 12:0 a.m.62 views

RHEL 9 : openssl (RHSA-2023:0946)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0946 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

7.5CVSS7.8AI score0.59501EPSS
Exploits0References29
Wolfi
Wolfi
added 2023/02/24 3:15 p.m.50 views

CVE-2022-4203 vulnerabilities

Vulnerabilities for packages: openssl...

4.9CVSS7.7AI score0.01481EPSS
Exploits0
Chainguard
Chainguard
added 2023/02/24 3:15 p.m.36 views

CVE-2022-4203 vulnerabilities

Vulnerabilities for packages: openssl-provider-fips, openssl...

4.9CVSS6.8AI score0.01481EPSS
Exploits0
Cvelist
Cvelist
added 2023/02/24 2:53 p.m.26 views

CVE-2022-4203 X.509 Name Constraints Read Buffer Overflow

A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

6.7AI score0.01481EPSS
Exploits0References3
CVE
CVE
added 2023/02/24 2:53 p.m.742 views

CVE-2022-4203

OpenSSL CVE-2022-4203 is a read buffer overrun in X.509 name-constraint checking that can be triggered after certificate chain verification, potentially crashing the TLS agent and causing a denial of service (memory disclosure was only theoretical in early advisories). It affects TLS clients and ...

4.9CVSS6.9AI score0.01481EPSS
Exploits0References4Affected Software1
Circl
Circl
added 2023/02/10 2:55 p.m.4 views

CVE-2022-4203

creationtimestamp| type| source ---|---|--- 2023-02-10 14:55:06+00:00| seen| https://t.me/truesecator/4053 2023-02-24 18:19:19+00:00| seen| https://t.me/cibsecurity/58875 2025-03-06 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-065-01 2026-02-15 08:58:43+00:00| see...

4.9CVSS7AI score0.01481EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2023/02/08 10:27 p.m.5 views

roaring-landmask (=0.4.0) potentially affected by CVE-2022-4203 via openssl-src (=300.0.0+3.0.0)

openssl-src CARGO version =300.0.0+3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - roaring-landmask =0.4.0 Source cves: CVE-2022-4203 Source advisory: OSV:GHSA-W67W-MW4J-8QRV...

4.9CVSS7AI score0.01481EPSS
Exploits0
Rows per page
Query Builder