Lucene search
K

115 matches found

OSV
OSV
added 2026/04/22 9:40 a.m.5 views

SUSE-SU-2026:1549-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References3
OSV
OSV
added 2026/04/20 12:56 p.m.3 views

SUSE-SU-2026:21244-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678...

7.5CVSS5.2AI score0.00805EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/04/17 10:3 a.m.6 views

Security update for openssl-3

This update for openssl-3 fixes the following issue: CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.2CVSS5.7AI score0.00805EPSS
Exploits0References4
OSV
OSV
added 2026/04/16 9:17 a.m.9 views

SUSE-SU-2026:1386-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. - CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInf...

9.8CVSS6.1AI score0.00885EPSS
Exploits0References11
OSV
OSV
added 2026/04/15 5:25 p.m.6 views

SUSE-SU-2026:1375-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: Security issues fixed: - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. - CVE-2026-28389: Possible NULL dereference when processing CM...

9.8CVSS6.1AI score0.00981EPSS
Exploits0References13
OSV
OSV
added 2026/04/13 3:48 p.m.14 views

SUSE-SU-2026:21107-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: Security issues fixed: - CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group bsc1259652. - CVE-2026-28387: potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL pointer dereference when processing...

9.8CVSS7.6AI score0.00981EPSS
Exploits0References15
Snyk
Snyk
added 2026/04/10 5:6 a.m.8 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation due to improper validation of the AES-GCM authentication tag length in the wcPKCS7DecodeAuthEnvelopedData function. An attacker can bypass authentication by truncating the authentication tag, significantly...

8.7CVSS5.8AI score0.00355EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/10 3:10 a.m.2 views

CVE-2026-5500 Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass

wolfSSL's wcPKCS7DecodeAuthEnvelopedData does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸...

8.7CVSS5.8AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/10 3:10 a.m.27 views

CVE-2026-5500 Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass

wolfSSL's wcPKCS7DecodeAuthEnvelopedData does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸...

8.7CVSS0.00355EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/10 3:10 a.m.9 views

CVE-2026-5500

wolfSSL's wcPKCS7DecodeAuthEnvelopedData does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸...

8.7CVSS5.2AI score0.00355EPSS
Exploits0
EUVD
EUVD
added 2026/04/10 12:30 a.m.3 views

EUVD-2026-21228

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

5.9CVSS6.3AI score0.00175EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-31864

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description wolfSSL's wc PKCS7 DecodeAuthEnvelopedData function does not properly sanitize the AES-GCM authentication tag length received and lacks a lower bounds check. This allows a man-in-the-middle...

8.7CVSS5.8AI score0.00355EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-5295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData...

8CVSS6.1AI score0.00175EPSS
Exploits0References3
OSV
OSV
added 2026/04/09 11:17 p.m.6 views

DEBIAN-CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

8CVSS5.7AI score0.00175EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/09 11:17 p.m.7 views

CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

8CVSS6.2AI score0.00175EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/09 10:53 p.m.2 views

CVE-2026-5295 Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

5.9CVSS6.2AI score0.00175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 10:53 p.m.2 views

CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

5.9CVSS6.3AI score0.00175EPSS
Exploits0References2
CVE
CVE
added 2026/04/09 10:53 p.m.20 views

CVE-2026-5295

The CVE describes a stack buffer overflow in wolfSSL’s PKCS7 code (wc_PKCS7_DecryptOri() in wolfcrypt/src/pkcs7.c) when handling CMS EnvelopedData with an OtherRecipientInfo (ORI) recipient. A parsed OID longer than 32 bytes is copied into a fixed 32-byte stack buffer (oriOID[MAX_OID_SZ]) without...

8CVSS6.3AI score0.00175EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/09 10:53 p.m.25 views

CVE-2026-5295 Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

5.9CVSS0.00175EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/09 10:53 p.m.4 views

CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

8CVSS5.7AI score0.00175EPSS
Exploits0
Rows per page
Query Builder