389 matches found
UBUNTU-CVE-2025-5987
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...
SUSE CVE-2025-5987
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...
UBUNTU-CVE-2025-27587
OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVPDigestSign API, and then using the private key to extract the K value nonce from the signatures. Next, based on the bit size of t...
OS Command Exec, Unix Command Shell, Double Reverse TCP SSL (openssl)
Execute an OS command from PHP. Creates an interactive shell through two inbound connections Module Options msf use payload/php/unix/cmd/reverseopenssl msf payloadreverseopenssl show actions ...actions... msf payloadreverseopenssl set ACTION msf payloadreverseopenssl show options ...show and set...
The vulnerability in the x509_main function of the apps/x509.c module in the OpenSSL library allows a attacker to replace the trusted certificate.
The vulnerability of the x509main function in the apps/x509.c module of the OpenSSL library is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to replace the trusted certificate...
UBUNTU-CVE-2025-48057
Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...
Energy Consumption Framework and Analysis of Post-Quantum Key-Generation on Embedded Devices
The emergence of quantum computing and Shor's algorithm necessitates an imminent shift from current public key cryptography techniques to post-quantum robust techniques. NIST has responded by standardising Post-Quantum Cryptography PQC algorithms, with ML-KEM FIPS-203 slated to replace ECDH...
golang-fips: Golang FIPS zeroed buffer
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...
JRuby-OpenSSL 安全漏洞
JRuby-OpenSSL is an add-on gem for JRuby from the JRuby team. A security vulnerability exists in JRuby-OpenSSL versions prior to 0.12.1 through 0.15.4, which stems from insufficient certificate hostname validation and could lead to a man-in-the-middle attack...
CVE-2025-2769
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...
Bdrive NetDrive 代码问题漏洞
Bdrive NetDrive is a network drive from Bdrive that connects to various cloud services or remote file storage. A code issue vulnerability exists in Bdrive NetDrive that stems from loading an OpenSSL configuration file from a non-secure location, which could result in local elevation of privilege...
NVIDIA NvContainer 安全漏洞
NVIDIA NvContainer is a container management service from NVIDIA. NVIDIA NvContainer suffers from a trust management issue vulnerability that stems from a hard-coded path issue in the use of OpenSSL, which could be exploited by an attacker to cause code execution, denial of service, elevation of...
HPESBHF04810 rev.1 - HPE ProLiant DX Servers Using OpenSSL, Multiple Vulnerabilities
Potential Security Impact: Local: Denial of Service DoS; Remote: Denial of Service DoS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DX170r Gen10 server - Prior to v3.2005-27-2024 HPE ProLiant DX190r Gen10 server - Prior to v3.2005-27-2024 HPE ProLiant DX360 Gen10...
AZL-56761 CVE-2024-12797 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-5
Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys m...
CVE-2024-6975
Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file. This issue affects SDP Client before 5.10.34...
UBUNTU-CVE-2024-13454
Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3...
DEBIAN-CVE-2023-24010
An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...
PT-2025-1382 · Openssl · Openssl
Name of the Vulnerable Software and Affected Versions: Data Distribution Service DDS affected versions not specified Description: The issue allows an attacker to compromise and gain full control of a secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7...
PT-2026-4949
Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.1.1, 3.0, 3.3, 3.4, 3.5 and 3.6 Description A flaw exists in the handling of maliciously crafted PKCS12 files when using the PKCS12 get friendlyname API. Specifically, processing a PKCS12 file with a BMPString UTF-16BE...
PT-2026-4940
Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.4.0 through 3.6.0 Description The vulnerability relates to improper validation of PBMAC1 parameters within PKCS12 files. Specifically, the PBKDF2 salt and keylength parameters are used without sufficient validation during MA...