Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2026/06/11 1:9 p.m.10 views

openssl: AES-OCB IV Ignored on EVP_Cipher() Path

A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface EVPCipher will have their provided Initialization Vector IV silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the...

7.5CVSS5.5AI score0.0032EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/17 6:1 p.m.4 views

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

A flaw was found in OpenSSL. When processing a specially crafted PKCS12 Personal Information Exchange Syntax Standard file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSLuni2utf8 function, leads to memory corruption by writing data...

7.4CVSS6AI score0.00444EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/01/28 3:32 p.m.3 views

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

A flaw was found in OpenSSL. When processing a specially crafted PKCS12 Personal Information Exchange Syntax Standard file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSLuni2utf8 function, leads to memory corruption by writing data...

7.4CVSS6AI score0.00444EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/01/28 9:6 a.m.3 views

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

A flaw was found in OpenSSL. When processing a specially crafted PKCS12 Personal Information Exchange Syntax Standard file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSLuni2utf8 function, leads to memory corruption by writing data...

7.4CVSS6AI score0.00444EPSS
Exploits1References4
The Hacker News
The Hacker News
added 2023/01/18 5:56 a.m.4 views

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA has published four Industrial Control Systems ICS advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that...

10CVSS8.7AI score0.95764EPSS
Exploits5
Rows per page
Query Builder