Lucene search
K

33 matches found

RedHat Linux
RedHat Linux
added 2026/06/24 7:54 a.m.4 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.15 views

RHEL 9 : openssl-fips-provider (RHSA-2026:28832)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28832 advisory. This package provides a custom build of the OpenSSL FIPS module that has been submitted to NIST for certification. Security Fixes: openssl: openssl:...

7.5CVSS7.4AI score0.00981EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 4:56 a.m.9 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS6AI score0.00981EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 4:37 a.m.4 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7.4AI score0.00981EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:57 a.m.4 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7.4AI score0.00981EPSS
Exploits0References5
OSV
OSV
added 2026/05/29 4:3 p.m.12 views

RLSA-2026:19066 Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-317...

5.9CVSS7.3AI score0.00981EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 6:49 p.m.10 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7.2AI score0.00981EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/19 1:40 p.m.8 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7.2AI score0.00981EPSS
Exploits0References5
AlmaLinux
AlmaLinux
added 2026/05/19 12:0 a.m.15 views

Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-317...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/30 1:58 p.m.6 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7.6AI score0.00981EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/04/07 11:26 p.m.15 views

SUSE CVE-2026-31790

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

6.5CVSS6.1AI score0.00981EPSS
Exploits0References19
Cvelist
Cvelist
added 2026/04/07 10:0 p.m.32 views

CVE-2026-31790 Incorrect Failure Handling in RSA KEM RSASVE Encapsulation

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

0.00981EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : nodejs:16 (AXSA:2023-6328:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6328:01 advisory. nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30581 nodejs: process interuption due to invalid Public Key information in x5...

7.5CVSS5.7AI score0.03906EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-0748

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00666EPSS
Exploits1References5
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.2 views

Astra Linux – Vulnerability in Node.js

When an invalid public key is used to create an X509 certificate using the crypto.X509Certificate API, a non-expected termination occurs. This makes it vulnerable to DoS attacks, as the attacker could cause interruptions in the application’s processing. The process terminates when accessing the...

5.3CVSS6.6AI score0.01157EPSS
Exploits0References3
OSV
OSV
added 2023/11/28 8:15 p.m.2 views

DEBIAN-CVE-2023-30588

When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key inf...

5.3CVSS6.5AI score0.01157EPSS
Exploits0References1
OSV
OSV
added 2023/11/28 8:15 p.m.22 views

CVE-2023-30588

When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key inf...

5.3CVSS5AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/11/28 8:15 p.m.39 views

CVE-2023-30588

When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key inf...

5.3CVSS6.8AI score0.01157EPSS
Exploits0References3
OSV
OSV
added 2023/11/28 8:15 p.m.3 views

UBUNTU-CVE-2023-30588

When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key inf...

5.3CVSS6.9AI score0.01157EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/11/28 7:15 p.m.27 views

CVE-2023-30588

When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key inf...

5.3CVSS6.6AI score0.01157EPSS
Exploits0
Rows per page
Query Builder