GHSA-RPG5-467J-C25Q vulnerabilities

Vulnerabilities for packages: libcrypto3-2.34...

AWS libcrypto 安全漏洞

AWS libcrypto is a general-purpose encryption library open sourced by Amazon Web Services. Prior to version 1.71.0 of AWS libcrypto, there was a security vulnerability. This vulnerability stemmed from a logical error in the CRL distribution point validation process, which incorrectly rejected CRL...

OESA-2026-1563 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

OESA-2026-1561 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

OESA-2026-1559 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

OESA-2026-1492 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

AWS libcrypto 安全漏洞

AWS libcrypto is a general-purpose encryption library open sourced by Amazon Web Services. Versions of AWS libcrypto prior to 1.69.0 contained security vulnerabilities. These vulnerabilities stemmed from improper signature verification in the PKCS7verify function. This allowed for bypassing the...

AWS libcrypto 安全漏洞

AWS libcrypto is a general-purpose encryption library open sourced by Amazon Web Services. Versions of AWS libcrypto prior to 1.69.0 contained security vulnerabilities. These vulnerabilities stemmed from observable time differences during AES-CCM decryption, which could potentially allow...

EUVD-2021-14103

Malware in sbrugna...

CVE-2024-10068

A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-11.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploi...

CVE-2024-10068

CVE-2024-10068 affects OpenSight Software FlashFXP 5.4.0.3970. The vulnerability resides in an unknown function within libcrypto-1_1.dll used by FlashFXP.exe, causing uncontrolled search path manipulation. This enables a local attacker to compromise the system. The exposure is supported by multip...

CVE-2024-10068 OpenSight Software FlashFXP FlashFXP.exe uncontrolled search path

A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-11.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploi...

CVE-2024-10068 OpenSight Software FlashFXP FlashFXP.exe uncontrolled search path

A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-11.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploi...

OpenSight FlashFXP 代码问题漏洞

OpenSight FlashFXP is a secure FTP client software for Windows from OpenSight. A code issue vulnerability exists in OpenSight FlashFXP version 5.4.0.3970, which stems from an unknown function in the library libcrypto-11.dll in the file FlashFXP.exe that can lead to uncontrolled search paths...

PT-2024-16003 · Opensight +1 · Flashfxp +1

Name of the Vulnerable Software and Affected Versions: OpenSight Software FlashFXP version 5.4.0.3970 Description: A critical issue was found in the library libcrypto-1 1.dll of the file FlashFXP.exe, affecting an unknown function. This leads to uncontrolled search path manipulation. The attack...

NULL Pointer Dereference

Fort is vulnerable to NULL Pointer Dereference. The vulnerability is caused due a malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. When compiled wi...

CVE-2024-45238

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. OpenSSL does not report this problem during parsin...

[SECURITY] Fedora 38 Update: libssh-0.10.6-2.fc38

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

[SECURITY] Fedora 39 Update: libssh-0.10.6-1.fc39

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

CVE-2023-26031 Privilege escalation in Apache Hadoop Yarn container-executor binary on Linux systems

Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote authenticated users, this MAY permit remote users to gain root privileges. Hadoop 3.3.0 updated the "...