Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

EUVD
EUVDadded 2026/04/24 5:16 p.m.2 views

EUVD-2026-25582

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

9.2CVSS5.3AI score0.00298EPSS
Exploits0References1
OSV
OSVadded 2025/09/30 2:15 p.m.4 views

AZL-67997 CVE-2025-9230 affecting package openssl for versions less than 1.1.1k-37

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

7.5CVSS6.5AI score0.0177EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/09/30 12:0 a.m.11 views

NewStart CGSL MAIN 6.06 : openssl Multiple Vulnerabilities (NS-SA-2025-0211)

The remote NewStart CGSL host, running version MAIN 6.06, has openssl packages installed that are affected by multiple vulnerabilities: - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell...

10CVSS8.5AI score0.99999EPSS
Exploits159References83
OSV
OSVadded 2021/02/16 5:15 p.m.2 views

AZL-41976 CVE-2021-23840 affecting package shim-unsigned-x64 for versions less than 1.1.1-1

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

7.5CVSS6.6AI score0.49798EPSS
Exploits0References1
CNVD
CNVDadded 2016/03/02 12:0 a.m.2 views

OpenSSL Cross-Protocol Attack Vulnerability

OpenSSL is a general-purpose open source cryptographic library that implements Secure Sockets Layer and Secure Transport Layer protocols and can support a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure hashing algorithms, and so on. Cross-protocol...

5.9CVSS7.7AI score0.82112EPSS
Exploits2References1
RedHat Linux
RedHat Linuxadded 2006/09/28 11:46 p.m.3 views

openssl get_shared_ciphers overflow

Buffer overflow in the SSLgetsharedciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers...

10CVSS7AI score0.47694EPSS
Exploits1References4
Rows per page
Query Builder