Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2017-12855

Malicious code in bioql PyPI...

5.9CVSS6.2AI score0.15507EPSS
Exploits1References33
SUSE CVE
SUSE CVEadded 2023/02/15 4:51 a.m.1 views

SUSE CVE-2017-3738

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attack...

5.9CVSS9.1AI score0.15507EPSS
Exploits1References29
IBM Security Bulletins
IBM Security Bulletinsadded 2020/02/24 7:27 a.m.48 views

Security Bulletin: Multiple vulnerabilities exist in IBM Planning Analytics Local

Summary Vulnerabilities found in several components have been addressed in IBM Planning Analytics 2.0.5. There are vulnerabilities in IBM® Runtime Environment Java™ Version 7. These issues were disclosed as part of the IBM Java SDK updates in October 2017. Multiple vulnerabilities affect componen...

9.1CVSS0.5AI score0.27483EPSS
Exploits1Affected Software2
RedhatCVE
RedhatCVEadded 2019/10/08 10:39 p.m.59 views

CVE-2017-3738

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attack...

7.5CVSS2.4AI score0.27588EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2019/05/14 12:0 a.m.253 views

EulerOS Virtualization 3.0.1.0 : openssl (EulerOS-SA-2019-1546)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigat...

7.5CVSS7.2AI score0.91945EPSS
Exploits13References21
IBM Security Bulletins
IBM Security Bulletinsadded 2018/09/14 6:45 p.m.46 views

Security Bulletin: Aspera OnDemand is affected by openSSL vulnerabilities (CVE-2017-3738)

Summary Aspera OnDemand has addressed the following openSSL vulnerabilities. Vulnerability Details CVEID: CVE-2017-3738 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an overflow bug in the AVX2 Montgomery multiplication procedure used in...

5.9CVSS1.7AI score0.27483EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linuxadded 2018/07/12 4:4 p.m.0 views

openssl: rsaz_1024_mul_avx2 overflow bug on x86_64

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attack...

5.9CVSS6.8AI score0.15507EPSS
Exploits1References5
Tenable Nessus
Tenable Nessusadded 2018/05/11 12:0 a.m.133 views

Amazon Linux AMI : openssl (ALAS-2018-1016)

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attack...

6.5CVSS6.9AI score0.42931EPSS
Exploits2References4
Amazon
Amazonadded 2018/05/10 12:0 a.m.81 views

Medium: openssl

Issue Overview: There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believe...

7.5CVSS7.1AI score0.42931EPSS
Exploits2
ArchLinux
ArchLinuxadded 2018/04/15 12:0 a.m.48 views

[ASA-201804-6] lib32-openssl: private key recovery

Arch Linux Security Advisory ASA-201804-6 ========================================= Severity: Medium Date : 2018-04-15 CVE-ID : CVE-2017-3738 Package : lib32-openssl Type : private key recovery Remote : Yes Link : https://security.archlinux.org/AVG-551 Summary ======= The package lib32-openssl...

5.9CVSS0.7AI score0.15507EPSS
Exploits1References5
Veracode
Veracodeadded 2018/04/02 4:57 a.m.42 views

Overflow In Multiplication Procedure

OpenSSL is vulnerable to an overflow error in AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. This bug can be used to compromise private key information for certain situations and DH1024. It does affect processors supporting AVX2 but not ADX extensions e.g.,...

5.9CVSS6.4AI score0.15507EPSS
Exploits1References27Affected Software14
Tenable Nessus
Tenable Nessusadded 2017/12/18 12:0 a.m.59 views

openSUSE Security Update : openssl (openSUSE-2017-1381)

This update for openssl fixes the following issues : - OpenSSL Security Advisory 07 Dec 2017 - CVE-2017-3737: OpenSSL 1.0.2 starting from version 1.0.2b introduced an 'error state' mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error...

7.5CVSS6.8AI score0.42931EPSS
Exploits2References8
Tenable Nessus
Tenable Nessusadded 2017/12/18 12:0 a.m.114 views

SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2017:3343-1)

This update for openssl fixes the following issues : - OpenSSL Security Advisory 07 Dec 2017 - CVE-2017-3737: OpenSSL 1.0.2 starting from version 1.0.2b introduced an 'error state' mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error...

7.5CVSS6.9AI score0.42931EPSS
Exploits2References11
OpenVAS
OpenVASadded 2017/12/17 12:0 a.m.43 views

openSUSE: Security Advisory for openssl (openSUSE-SU-2017:3345-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.2AI score0.42931EPSS
Exploits2References1
Tenable Nessus
Tenable Nessusadded 2017/12/15 12:0 a.m.111 views

OpenSSL 1.1.0 < 1.1.0h Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.0h. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0h advisory. - Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given maliciou...

6.5CVSS6.7AI score0.15507EPSS
Exploits1References11
Broadcom
Broadcomadded 2017/12/09 12:0 a.m.4 views

BSA-2018-528

Security Advisory ID : BSA-2018-528 Component : OpenSSL Revision : 1.0: Final There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this...

5.9CVSS8.7AI score0.27483EPSS
Exploits1
FreeBSD
FreeBSDadded 2017/12/09 12:0 a.m.65 views

FreeBSD -- OpenSSL multiple vulnerabilities

Problem Description: Invoking SSLread/SSLwrite while in an error state causes data to be passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSLread/SSLwrite being...

5.9CVSS6.8AI score0.42931EPSS
Exploits2
Tenable Nessus
Tenable Nessusadded 2017/12/08 12:0 a.m.75 views

FreeBSD : OpenSSL -- multiple vulnerabilities (3bb451fc-db64-11e7-ac58-b499baebfeaf)

The OpenSSL project reports : - Read/write after SSL object in error state CVE-2017-3737 OpenSSL 1.0.2 starting from version 1.0.2b introduced an 'error state' mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would...

5.9CVSS6.7AI score0.42931EPSS
Exploits2References4
Prion
Prionadded 2017/12/07 4:29 p.m.48 views

Buffer overflow

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attack...

4.3CVSS5.9AI score0.27588EPSS
Exploits1References27Affected Software3
OSV
OSVadded 2017/12/07 4:29 p.m.29 views

CVE-2017-3738

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attack...

5.9CVSS8.6AI score
Exploits0References27
Rows per page
Query Builder