Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Wired Threat Level
Wired Threat Leveladded 2025/12/17 10:30 a.m.2 views

Microsoft Will Finally Kill an Encryption Cipher That Enabled a Decade of Windows Hacks

The weak RC4 for administrative authentication has been a hacker holy grail for decades...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2023/03/21 12:0 a.m.92 views

Amazon Linux 2023 : openssl, openssl-devel, openssl-libs (ALAS2023-2023-054)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-054 advisory. AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of...

7.5CVSS6.8AI score0.19455EPSS
Exploits0References6
SUSE CVE
SUSE CVEadded 2023/02/15 3:31 a.m.2 views

SUSE CVE-2022-3358

OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0...

6.5CVSS6.8AI score0.19455EPSS
Exploits0References4
OSV
OSVadded 2022/11/01 4:24 p.m.0 views

USN-5710-1 openssl vulnerabilities

It was discovered that OpenSSL incorrectly handled certain X.509 Email Addresses. If a certificate authority were tricked into signing a specially-crafted certificate, a remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. The default compiler...

7.5CVSS6.9AI score0.83506EPSS
Exploits6References4
Github Security Blog
Github Security Blogadded 2022/10/11 7:0 p.m.32 views

Using a Custom Cipher with `NID_undef` may lead to NULL encryption

OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0...

7.5CVSS7.3AI score0.19455EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessusadded 2022/10/11 12:0 a.m.79 views

OpenSSL 3.0.0 < 3.0.6 Vulnerability

The version of OpenSSL installed on the remote host is prior to 3.0.6. It is, therefore, affected by a vulnerability as referenced in the 3.0.6 advisory. - OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecate...

7.5CVSS6.7AI score0.19455EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2022/09/29 12:0 a.m.1 views

CVE-2022-3358

OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0...

7.5CVSS7AI score0.19455EPSS
Exploits0References8
Check Point Advisories
Check Point Advisoriesadded 2015/03/04 12:0 a.m.5 views

OpenSSL TLS Export Cipher Suite Downgrade (CVE-2015-0204; CVE-2015-1637)

A vulnerability has been detected in the way OpenSSL handles TLS handshakes that use weak, legacy cipher suites. An attacker might leverage this vulnerability to intercept secure communications...

4.3CVSS0.9AI score0.91945EPSS
Exploits0
Rows per page
Query Builder