Lucene search
K

116 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/09/02 2:7 p.m.8 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.15 LTS and 12.15.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

8.8CVSS8.7AI score0.73461EPSS
Exploits9Affected Software1
Rosalinux
Rosalinux
added 2025/04/30 8:30 a.m.21 views

Advisory ROSA-SA-2025-2858

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-14.0.2.rv30 CVE-ID: CVE-2020-1971 BDU-ID: 2021-00872 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of...

7.5CVSS7.8AI score0.62906EPSS
Exploits6
CBLMariner
CBLMariner
added 2025/04/08 9:12 p.m.21 views

CVE-2023-0465 affecting package hvloader for versions less than 1.0.1-9

CVE-2023-0465 affecting package hvloader for versions less than 1.0.1-9. A patched version of the package is available...

5.3CVSS7.2AI score0.01583EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/28 7:25 a.m.19 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL Affect IBM Sterling Connect:Direct for HP

Summary There are multiple vulnerabilities in the OpenSSL library used by IBM Sterling Connect:Direct for HP NonStop. IBM Sterling Connect:Direct for HP NonStop has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-0466 DESCRIPTION: The function X509VERIFYPARAMadd0policy is...

5.3CVSS6AI score0.01625EPSS
Exploits0Affected Software1
Oracle linux
Oracle linux
added 2024/11/22 12:0 a.m.51 views

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

7.5CVSS7.4AI score0.95764EPSS
Exploits28
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/25 8:48 p.m.32 views

Security Bulletin: IBM Master Data Management vulnerable to remote attacker due to flaws found in OpenSSL (CVE-2023-0466, CVE-2023-0465)

Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to remote attackers due to flaws found in OpenSSL. OpenSSL could allow a remote attacker to bypass security restrictions, caused by a flaw in the X509VERIFYPARAMadd0policy function. By using invalid certificate policies, an attack...

5.3CVSS6.8AI score0.01625EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2024/08/22 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-2287)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.73461EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.21 views

Photon OS 5.0: Openssl PHSA-2023-5.0-0034

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0034. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS6.9AI score0.03658EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.27 views

Photon OS 4.0: Nodejs PHSA-2023-4.0-0417

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0417. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS7.8AI score0.73461EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.23 views

Photon OS 4.0: Openssl PHSA-2023-4.0-0406

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0406. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS6.9AI score0.03658EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.29 views

CBL Mariner 2.0 Security Update: edk2 / hvloader / openssl / nodejs18 (CVE-2023-0465)

The version of edk2 / hvloader / openssl / nodejs18 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0465 advisory. - Applications that use a non-default option when verifying certificates May be...

5.3CVSS6.4AI score0.01583EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/05/17 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1706)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.8AI score0.73461EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/04/17 10:2 p.m.25 views

CVE-2023-0465 affecting package edk2 for versions less than 20230301gitf80f052277c8-37

CVE-2023-0465 affecting package edk2 for versions less than 20230301gitf80f052277c8-37. A patched version of the package is available...

5.3CVSS7.1AI score0.01583EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/03/12 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1299)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.73461EPSS
Exploits0References2
OSV
OSV
added 2024/03/01 11:7 a.m.3 views

OESA-2024-1238 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy...

7.5CVSS8.5AI score0.73461EPSS
Exploits0References7
OSV
OSV
added 2024/02/08 11:6 a.m.7 views

OESA-2024-1135 nodejs security update

Node.js is an open-source, cross-platform, JavaScript runtime environment, it executes JavaScript code outside of a browser. Security Fixes: A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include polic...

7.5CVSS8.9AI score0.03658EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.29 views

EulerOS Virtualization 2.11.1 : openssl (EulerOS-SA-2023-2736)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certifica...

7.5CVSS6.3AI score0.03658EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.24 views

EulerOS 2.0 SP11 : openssl (EulerOS-SA-2023-2702)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that...

7.5CVSS6.3AI score0.03658EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.29 views

EulerOS 2.0 SP11 : shim (EulerOS-SA-2023-2711)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain...

5.3CVSS6.5AI score0.01583EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.38 views

EulerOS Virtualization 2.11.1 : shim (EulerOS-SA-2023-2743)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to...

5.3CVSS6.4AI score0.01583EPSS
Exploits0References2
Rows per page
Query Builder