Lucene search
+L

222 matches found

AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.55 views

CVE-2026-45445

Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV...

7.5CVSS5.8AI score0.0032EPSS
Exploits0
CVE
CVE
added 2026/06/09 4:3 p.m.336 views

CVE-2026-45445

CVE-2026-45445 describes a vulnerability in AES-OCB when using OpenSSL EVP_Cipher() in one-shot mode: the application-supplied IV is ignored, causing every encrypted message under the same key to use the same effective nonce. This leads to key/nonce reuse and potential confidentiality loss, and, ...

7.5CVSS5.8AI score0.0032EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-47842

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description When using the AES-OCB cipher with the one-shot EVP Cipher interface, the application-supplied initialisation vector IV is silently discarded. This causes every message encrypted with the sam...

7.5CVSS5.6AI score0.00513EPSS
Exploits0References120
OSV
OSV
added 2026/06/09 12:0 a.m.12 views

UBUNTU-CVE-2026-45445

Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV...

7.5CVSS5.7AI score0.0032EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.11 views

EulerOS Virtualization 2.13.0 : openssl (EulerOS-SA-2026-2181)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

7.5CVSS5.9AI score0.00844EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.12 views

EulerOS Virtualization 2.10.1 : openssl (EulerOS-SA-2026-2031)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

7.5CVSS5.9AI score0.00844EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.11 views

EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2026-2058)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

7.5CVSS5.9AI score0.00844EPSS
Exploits1References8
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don’t leave if not joined If there is no OCB state, do not ask the driver/mac80211 to leave, as that would only cause confusion. Since the chandef state can be set or cleared, this is a simple check...

5.2AI score0.00167EPSS
Exploits0References1
OSV
OSV
added 2026/05/15 2:2 p.m.10 views

OESA-2026-2330 compat-openssl11 security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes c...

7.5CVSS7AI score0.00844EPSS
Exploits1References7
OSV
OSV
added 2026/05/15 2:2 p.m.8 views

OESA-2026-2329 compat-openssl11 security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes c...

7.5CVSS6.1AI score0.00844EPSS
Exploits1References7
OSV
OSV
added 2026/05/15 2:2 p.m.6 views

OESA-2026-2328 compat-openssl11 security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes c...

7.5CVSS6.1AI score0.00844EPSS
Exploits1References7
F5 Networks
F5 Networks
added 2026/03/31 7:14 p.m.8 views

K000160557: OpenSSL vulnerability CVE-2025-69418

Security Advisory Description Issue summary: When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths, inputs whose length is not a multiple of 16 bytes can leave the final partial block unencrypted and unauthenticated. Impact summary: The trailing 1-15 bytes...

4CVSS5.8AI score0.00115EPSS
Exploits1
OSV
OSV
added 2026/03/27 2:4 p.m.4 views

OESA-2026-1753 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based...

7.5CVSS6.3AI score0.00844EPSS
Exploits1References7
OSV
OSV
added 2026/03/27 2:4 p.m.5 views

OESA-2026-1752 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based...

7.5CVSS6.7AI score0.00844EPSS
Exploits1References7
OSV
OSV
added 2026/03/27 2:4 p.m.5 views

OESA-2026-1750 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based...

7.5CVSS7.4AI score0.00844EPSS
Exploits1References8
OSV
OSV
added 2026/03/27 2:4 p.m.5 views

OESA-2026-1749 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based...

7.5CVSS6.3AI score0.00844EPSS
Exploits1References8
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.3 views

Astra Linux – Vulnerability in OpenSSL

Issue Summary: When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths, inputs whose length is not a multiple of 16 bytes may leave the final partial block unencrypted and unauthenticated. Impact Summary: The last 1–15 bytes of a message may be exposed in...

4CVSS7.3AI score0.00115EPSS
Exploits1References2
Debian
Debian
added 2026/02/24 8:55 a.m.18 views

[SECURITY] [DLA 4490-1] openssl security update

Debian LTS Advisory DLA-4490-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson February 23, 2026 https://wiki.debian.org/LTS Package : openssl Version : 1.1.1w-0+deb11u5 CVE ID : CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421...

7.5CVSS6.6AI score0.00844EPSS
Exploits1
OSV
OSV
added 2026/02/16 8:54 a.m.3 views

SUSE-SU-2026:20373-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS6.9AI score0.47621EPSS
Exploits7References17
NVD
NVD
added 2026/02/14 5:15 p.m.10 views

CVE-2025-71224

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: ocb: skip rxnosta when interface is not joined ieee80211ocbrxnosta assumes a valid channel context, which is only present after JOINOCB. RX may run before JOINOCB is executed, in which case the OCB interface is no...

0.00173EPSS
Exploits0References7
Rows per page
Query Builder