CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2024/01/16 12:0 a.m.•19 views

EulerOS Virtualization 2.9.1 : openssl (EulerOS-SA-2023-3089)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the...

Tenable Nessus•added 2024/01/16 12:0 a.m.•17 views

EulerOS 2.0 SP9 : openssl (EulerOS-SA-2023-2902)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck,...

OpenVAS•added 2023/12/22 12:0 a.m.•29 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-3513)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.4AI score0.01027EPSS

Tenable Nessus•added 2023/12/19 12:0 a.m.•33 views

Oracle Linux 8 : openssl (ELSA-2023-7877)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7877 advisory. - Backport implicit rejection mechanism for RSA PKCS1 v1.5 to RHEL-8 series a proper fix for CVE-2020-25659 Resolves: RHEL-17696 - Fix CVE-2023-5678:...

5.9CVSS6.6AI score0.01027EPSS

Exploits0References4

OpenVAS•added 2023/12/15 12:0 a.m.•26 views

Huawei EulerOS: Security Advisory for compat-openssl10 (EulerOS-SA-2023-3423)

6.5CVSS6.9AI score0.91789EPSS

IBM Security Bulletins•added 2023/12/11 9:45 a.m.•40 views

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to OpenSSL

Summary Vulnerabilities in OpenSSL such as remote attacker bypass security restrictions, denial of service may affect IBM Spectrum Control. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-0466 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security...

7.8CVSS7.5AI score0.01027EPSS

Exploits0Affected Software1

OpenVAS•added 2023/10/09 12:0 a.m.•12 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-2890)

7.5CVSS7.2AI score0.01027EPSS

Tenable Nessus•added 2023/09/13 12:0 a.m.•36 views

Amazon Linux 2 : openssl (ALAS-2023-2246)

The version of openssl installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2246 advisory. Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use t...

Redos•added 2023/09/08 12:0 a.m.•30 views

Exploits0References6

ROS-20230907-04

Vulnerability of DHcheck, DHcheckex or EVPPKEYparamcheck functions of OpenSSL library is related to using a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. Vulnerability of DHcheck,...

5.3CVSS5.9AI score0.01027EPSS

Exploits0

Tenable Nessus•added 2023/08/02 12:0 a.m.•48 views

Slackware Linux 15.0 / current openssl Multiple Vulnerabilities (SSA:2023-213-01)

The version of openssl installed on the remote host is prior to 1.1.1v / 3.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-213-01 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications tha...

OSV•added 2023/07/31 4:15 p.m.•4 views

AZL-34669 CVE-2023-3817 affecting package edk2 for versions less than 20230301gitf80f052277c8-37

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...

5.3CVSS6.6AI score0.00351EPSS

Exploits0References1

OSV•added 2023/07/31 4:15 p.m.•4 views

AZL-27817 CVE-2023-3817 affecting package rust for versions less than 1.68.2-5

5.3CVSS6.6AI score0.00351EPSS

Exploits0References1

CVE•added 2023/07/31 3:34 p.m.•1297 views

CVE-2023-3817

CVE-2023-3817 concerns OpenSSL: excessive time spent in checks of DH keys/parameters via DH_check(), DH_check_ex(), and EVP_PKEY_param_check(). If key/parameters originate from untrusted sources, an attacker could cause a Denial of Service by triggering long computations. The issue also affects r...

5.3CVSS6.2AI score0.00351EPSS

Exploits0References15Affected Software1

Tenable Nessus•added 2023/07/31 12:0 a.m.•46 views

FreeBSD : OpenSSL -- Excessive time spent checking DH q parameter value (bad6588e-2fe0-11ee-a0d1-84a93843eb75)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bad6588e-2fe0-11ee-a0d1-84a93843eb75 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:...

Tenable Nessus•added 2023/07/26 12:0 a.m.•31 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-1_1 (SUSE-SU-2023:2962-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2962-1 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:...

5.3CVSS6.4AI score0.01027EPSS

Exploits0References4

OSV•added 2023/07/19 12:15 p.m.•1 views

AZL-42955 CVE-2023-3446 affecting package openssl for versions less than 1.1.1k-28