Lucene search
K

4581 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.4 views

SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:2392-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2392-1 advisory. This update for openssl-11 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1...

8.8CVSS6.5AI score0.02719EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.9 views

SUSE SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2026:2399-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2399-1 advisory. This update for openssl-100 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References23
Cvelist
Cvelist
added 2026/06/18 5:30 p.m.23 views

CVE-2026-48985 pam_usb: NULL Dereference Crash in pusb_is_loginctl_local when loginctl Returns Empty Remote Field

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, pusbisloginctllocal can cause a NULL dereference crash when parsing loginctl output. The function calls popen and reads the result; if the Remote field is only a newline, fgets succeeds...

5.5CVSS0.00113EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 5:30 p.m.6 views

CVE-2026-48985

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, pusbisloginctllocal can cause a NULL dereference crash when parsing loginctl output. The function calls popen and reads the result; if the Remote field is only a newline, fgets succeeds...

5.5CVSS5.3AI score0.00113EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/18 5:30 p.m.19 views

CVE-2026-48985

pam_usb (Linux hardware authentication) contains a NULL dereference in pusb_is_loginctl_local() when parsing loginctl output in versions ≤ 0.9.1. If the Remote field is just a newline, strtok_r(...) returns NULL and a subsequent strcmp(is_remote, "no") dereferences NULL, causing undefined behavio...

5.5CVSS5.4AI score0.00113EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/18 12:32 a.m.11 views

EUVD-2026-37804

In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash...

5.5AI score0.00278EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.23 views

PT-2026-50770

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.9.2 Description An issue exists in the pusb is loginctl local function where a NULL dereference crash can occur when parsing loginctl output. The function utilizes popen to read results; if the Remote field contains...

5.5CVSS5.9AI score0.00113EPSS
Exploits0References7
NVD
NVD
added 2026/06/17 10:16 p.m.13 views

CVE-2026-8050

In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash...

7.5CVSS0.00278EPSS
Exploits0References1
OSV
OSV
added 2026/06/16 8:7 a.m.4 views

SUSE-SU-2026:2411-1 Security update for openssl-3-livepatches

This update for openssl-3-livepatches fixes the following issues: - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256878. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256876. - CVE-2025-15468: NULL dereference in...

9.8CVSS7AI score0.47621EPSS
Exploits7References10
OSV
OSV
added 2026/06/16 6:54 a.m.4 views

SUSE-SU-2026:2405-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341....

8.8CVSS5.2AI score0.02719EPSS
Exploits0References11
OSV
OSV
added 2026/06/16 6:53 a.m.4 views

SUSE-SU-2026:2404-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341....

8.8CVSS5.2AI score0.02719EPSS
Exploits0References11
OSV
OSV
added 2026/06/16 6:53 a.m.4 views

SUSE-SU-2026:2403-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341....

8.8CVSS5.2AI score0.02719EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/16 5:19 a.m.11 views

EUVD-2026-37036

On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...

6.3CVSS5.5AI score0.00164EPSS
Exploits1References2
OSV
OSV
added 2026/06/15 3:5 p.m.8 views

SUSE-SU-2026:2399-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delt...

8.8CVSS8.3AI score0.02719EPSS
Exploits0References16
OSV
OSV
added 2026/06/15 2:34 p.m.4 views

SUSE-SU-2026:2397-1 Security update for openssl-3

This update for openssl-3 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.8CVSS5.2AI score0.02719EPSS
Exploits0References17
SUSE Linux
SUSE Linux
added 2026/06/15 2:34 p.m.7 views

Security update for openssl-3

This update for openssl-3 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.2CVSS5.3AI score0.02719EPSS
Exploits0References32
SUSE Linux
SUSE Linux
added 2026/06/15 8:6 a.m.10 views

Security update for openssl-3

This update for openssl-3 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.2CVSS5.4AI score0.02719EPSS
Exploits0References36
OSV
OSV
added 2026/06/15 8:6 a.m.4 views

SUSE-SU-2026:2393-1 Security update for openssl-3

This update for openssl-3 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

9.1CVSS5.2AI score0.02719EPSS
Exploits0References19
OSV
OSV
added 2026/06/15 8:5 a.m.5 views

SUSE-SU-2026:2392-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.8CVSS5.2AI score0.02719EPSS
Exploits0References12
SUSE Linux
SUSE Linux
added 2026/06/15 8:5 a.m.6 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.2CVSS5.3AI score0.02719EPSS
Exploits0References22
Rows per page
Query Builder