Lucene search
+L

222 matches found

AlmaLinux
AlmaLinux
added 2026/01/28 12:0 a.m.22 views

Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187...

9.8CVSS6.2AI score0.47621EPSS
Exploits7References26
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.8 views

AlmaLinux 10 : openssl (ALSA-2026:1472)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1472 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or...

9.8CVSS7.4AI score0.47621EPSS
Exploits7References14
OSV
OSV
added 2026/01/27 4:16 p.m.7 views

AZL-75272 CVE-2025-69418 affecting package openssl for versions less than 3.3.5-3

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

4CVSS5.6AI score0.00115EPSS
Exploits1References1
NVD
NVD
added 2026/01/27 4:16 p.m.8 views

CVE-2025-69418

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

4CVSS0.00115EPSS
Exploits1References7
OSV
OSV
added 2026/01/27 4:16 p.m.9 views

AZL-75783 CVE-2025-69418 affecting package openssl for versions less than 1.1.1k-38

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

4CVSS7AI score0.00115EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.8 views

AZL-76128 CVE-2025-69418 affecting package edk2 for versions less than 20230301gitf80f052277c8-47

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

4CVSS7AI score0.00115EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.7 views

AZL-76200 CVE-2025-69418 affecting package nodejs24 24.13.0-1

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

4CVSS5.6AI score0.00115EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.5 views

AZL-78546 CVE-2025-69418 affecting package openssl-fips-provider 3.1.2-1

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

4CVSS5.6AI score0.00115EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.7 views

AZL-76158 CVE-2025-69418 affecting package hvloader for versions less than 1.0.1-18

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

4CVSS7AI score0.00115EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/27 4:1 p.m.5 views

CVE-2025-69418 Unauthenticated/unencrypted trailing bytes with low-level OCB function calls

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

5.7AI score0.00115EPSS
Exploits1References6
EUVD
EUVD
added 2026/01/27 4:1 p.m.5 views

EUVD-2025-206396

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

5.7AI score0.00115EPSS
Exploits1References6
OSV
OSV
added 2026/01/27 12:0 a.m.5 views

UBUNTU-CVE-2025-69418

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

4CVSS5.7AI score0.00115EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.8 views

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

4CVSS6.5AI score0.00115EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 9 : openssl-3.0.1-41.el9 (AXSA:2022-3964:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3964:07 advisory. openssl: crehash script allows command injection CVE-2022-1292 openssl: Signer certificate verification returns inaccurate response when using...

10CVSS7AI score0.96275EPSS
Exploits6References6
SUSE CVE
SUSE CVE
added 2025/12/25 12:58 a.m.4 views

SUSE CVE-2023-53992

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the chandef state, that's a simple check...

5.5CVSS6.5AI score0.00167EPSS
Exploits0References18
Cvelist
Cvelist
added 2025/12/24 10:55 a.m.32 views

CVE-2023-53992 wifi: cfg80211: ocb: don't leave if not joined

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the chandef state, that's a simple check...

0.00167EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.31 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an attempt to leave despite not joining the OCB state, which could lead to driver obfuscation...

6.1AI score0.00167EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-53992

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the...

6AI score0.00167EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989548)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989548 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix queue selection for mesh/OCB interfaces When using iTXQ, the code assumes tha...

5.5CVSS5.9AI score0.00252EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6221

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.04425EPSS
Exploits0References32
Rows per page
Query Builder