Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

203 matches found

AstraLinux
AstraLinuxadded 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Firefox

The NSCDeriveKey function inadvertently assumed that the phKey parameter was always non-NULL. When the parameter was passed as NULL, a segmentation fault occurred, resulting in crashes. This behavior conflicts with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanism...

9.1CVSS6.5AI score0.00659EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libde265

It was discovered that Libde265 v1.0.14 contains a heap buffer overflow vulnerability in the derivespatiallumavectorprediction function at motion.cc...

8.8CVSS6.9AI score0.00804EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2026/06/15 12:0 a.m.9 views

PT-2026-49193

The Wertheim SafeController Family 65000, Controller 65000 - AssemblyVersion 6.11.8130.22319, uses weak custom cryptographic algorithms with hard-coded cryptographic keys to protect communication. An attacker in an adversary-in-the-middle position can decrypt the data traffic. During reassessment...

7.1CVSS5.5AI score0.00116EPSS
Exploits0References3
NVD
NVDadded 2026/06/09 5:17 p.m.8 views

CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

3.7CVSS0.00259EPSS
Exploits0References6
Debian CVE
Debian CVEadded 2026/06/09 4:3 p.m.11 views

CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

3.7CVSS5.3AI score0.00259EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/06/09 12:0 a.m.12 views

PT-2026-47840

Name of the Vulnerable Software and Affected Versions OpenSSL FIPS modules versions 3.0, 3.4, 3.5, 3.6, and 4.0 Description When the EVP PKEY derive set peer function is called with a DHX X9.42 peer key, the software fails to properly verify subgroup membership. Specifically, the check Y^q ≡ 1 mo...

3.7CVSS5.5AI score0.00259EPSS
Exploits0References118
Tenable Nessus
Tenable Nessusadded 2026/05/29 12:0 a.m.9 views

RockyLinux 10 : p11-kit (RLSA-2026:18143)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18143 advisory. p11-kit: p11-kit: NULL dereference via CDeriveKey with specific NULL parameters CVE-2026-2100 Tenable has extracted the preceding description block directly fro...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References3
OSV
OSVadded 2026/05/28 3:43 p.m.9 views

RLSA-2026:18599 Moderate: p11-kit security update

The p11-kit packages provide a mechanism to manage PKCS11 modules. The p11-kit-trust subpackage includes a PKCS11 trust module that provides certificate anchors and black lists based on configuration files. Security Fixes: p11-kit: p11-kit: NULL dereference via CDeriveKey with specific NULL...

5.3CVSS5.8AI score0.01129EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2026/05/19 1:24 p.m.11 views

p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/05/19 1:24 p.m.20 views

Moderate: Red Hat Security Advisory: p11-kit security update

An update for p11-kit is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/05/19 9:6 a.m.10 views

p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2026/05/19 12:0 a.m.27 views

RHEL 9 : p11-kit (RHSA-2026:18599)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18599 advisory. The p11-kit packages provide a mechanism to manage PKCS11 modules. The p11-kit-trust subpackage includes a PKCS11 trust module that provides...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References7
OSV
OSVadded 2026/05/19 12:0 a.m.7 views

ALSA-2026:18599 Moderate: p11-kit security update

The p11-kit packages provide a mechanism to manage PKCS11 modules. The p11-kit-trust subpackage includes a PKCS11 trust module that provides certificate anchors and black lists based on configuration files. Security Fixes: p11-kit: p11-kit: NULL dereference via CDeriveKey with specific NULL...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References4
AlmaLinux
AlmaLinuxadded 2026/05/19 12:0 a.m.8 views

Moderate: p11-kit security update

The p11-kit packages provide a mechanism to manage PKCS11 modules. The p11-kit-trust subpackage includes a PKCS11 trust module that provides certificate anchors and black lists based on configuration files. Security Fixes: p11-kit: p11-kit: NULL dereference via CDeriveKey with specific NULL...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/05/19 12:0 a.m.11 views

RHEL 10 : p11-kit (RHSA-2026:18143)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18143 advisory. The p11-kit packages provide a mechanism to manage PKCS11 modules. The p11-kit-trust subpackage includes a PKCS11 trust module that provides...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References8
Tenable Nessus
Tenable Nessusadded 2026/04/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-41676

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.l...

9.8CVSS5.9AI score0.00298EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/04/25 12:14 p.m.5 views

CVE-2026-41676

A flaw was found in rust-openssl, a library that provides cryptographic functionalities by binding to OpenSSL. When interacting with OpenSSL 1.1.x, the Deriver::derive function does not correctly manage buffer sizes during key derivation operations. This oversight can lead to a memory overflow,...

9.8CVSS5.2AI score0.00298EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/04/24 5:16 p.m.3 views

CVE-2026-41676

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

9.2CVSS5.4AI score0.00298EPSS
Exploits0References2Affected Software1
EUVD
EUVDadded 2026/04/24 5:16 p.m.4 views

EUVD-2026-25582

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

9.2CVSS5.3AI score0.00298EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/24 5:16 p.m.3 views

CVE-2026-41676 rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

9.2CVSS5.4AI score0.00298EPSS
Exploits0References1
Rows per page
Query Builder