Lucene search
+L

73 matches found

SUSE Linux
SUSE Linux
added 2026/04/23 3:53 p.m.3 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

8.2CVSS6.1AI score0.01059EPSS
Exploits0References20
SUSE Linux
SUSE Linux
added 2026/04/23 7:6 a.m.5 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like Ya...

8.2CVSS5.7AI score0.00805EPSS
Exploits0References4
OSV
OSV
added 2026/04/23 7:6 a.m.5 views

SUSE-SU-2026:1562-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678...

7.5CVSS5.3AI score0.00805EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.9 views

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:1550-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1550-1 advisory. - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc126167...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.4 views

SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2026:1549-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1549-1 advisory. - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Tenable...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/04/22 9:41 a.m.4 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like Ya...

8.2CVSS5.8AI score0.00805EPSS
Exploits0References4
OSV
OSV
added 2026/04/22 9:41 a.m.5 views

SUSE-SU-2026:1550-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/04/22 9:41 a.m.5 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like Ya...

8.2CVSS5.8AI score0.00805EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.5 views

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:1429-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1429-1 advisory. This update for openssl-3 fixes the following issue: - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References4
OSV
OSV
added 2026/04/17 10:3 a.m.4 views

SUSE-SU-2026:1429-1 Security update for openssl-3

This update for openssl-3 fixes the following issue: - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo bsc1261678...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.39 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : OpenSSL vulnerabilities (USN-8155-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8155-1 advisory. Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 serve...

9.8CVSS8.4AI score0.01059EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/04/10 9:36 a.m.7 views

CVE-2026-28389

A flaw was found in OpenSSL. A remote attacker could exploit this by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message with KeyAgreeRecipientInfo. This vulnerability arises because the software attempts to process an optional field without verifying its existence,...

7.5CVSS5.8AI score0.01027EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/08 11:26 p.m.6 views

SUSE CVE-2026-28390

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denia...

5.9CVSS5.8AI score0.00805EPSS
Exploits0References22
RedhatCVE
RedhatCVE
added 2026/04/08 12:13 p.m.9 views

CVE-2026-28390

A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...

7.5CVSS5.9AI score0.00805EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2026/04/08 11:57 a.m.9 views

USN-8155-1: OpenSSL vulnerabilities

Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 server. This could result in a less preferred key exchange being used, contrary to expectations. This issue only affected Ubuntu 25.10. CVE-2026-2673 Igor Morgenstern...

9.8CVSS6.2AI score0.01059EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/07 11:27 p.m.7 views

SUSE CVE-2026-28389

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...

5.3CVSS5.9AI score0.01027EPSS
Exploits0References21
NVD
NVD
added 2026/04/07 10:16 p.m.5 views

CVE-2026-28389

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...

7.5CVSS0.01027EPSS
Exploits0References8
OSV
OSV
added 2026/04/07 10:16 p.m.5 views

ALPINE-CVE-2026-28390

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denia...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.7 views

OpenSSL Security Advisory 20260407

OpenSSL Security Advisory 20260407 - Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigge...

7.5CVSS6.1AI score0.01059EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

OpenSSL 安全漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

7.5CVSS7.3AI score0.00805EPSS
Exploits0References7
Rows per page
Query Builder