30 matches found

RedhatCVE
added 5 days ago, 5 views

CVE-2026-45447

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME (Secure/Multipurpose Internet Mail Extensions) signed message, a heap use-after-free vulnerability in the PKCS7_verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

CVSS 8.8, AI score 5.4, EPSS 0.00092
Exploits: 0, References: 3
Tenable Nessus
added 2026/05/17 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-8721

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char *, which routes...

CVSS 9.8, AI score 5.6, EPSS 0.0002
Exploits: 0, References: 3
IBM Security Bulletins
added 2026/04/24 6:34 a.m., 5 views

Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza Appliance

Summary: The OpenSSL package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE, CVE-2025-9230. Vulnerability Details: CVEID: CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can...

CVSS 7.5, AI score 7.9, EPSS 0.00041
Exploits: 0, Affected Software: 1
IBM Security Bulletins
added 2026/03/31 3:33 p.m., 9 views

Security Bulletin: Vulnerability in openssl library (CVE-2025-9230) affects Power HMC.

Summary: The openssl library is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVE. Vulnerability Details: CVEID: CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an...

CVSS 7.5, AI score 5.9, EPSS 0.00041
Exploits: 0, Affected Software: 1
GithubExploit
added 2026/01/28 8:54 a.m., 143 views

Exploit for Out-of-bounds Read in Openssl

CTT-HEARTBLEED-Temporal-Resonance-Memory-Leak-Exploit-Heartble...

CVSS 7.5, AI score 5.9, EPSS 0.94464
Exploits: 86
OSV
added 2026/01/27 4:16 p.m., 2 views

ALPINE-CVE-2025-69421

Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12_item_decrypt_d2i_ex...

CVSS 7.5, AI score 6.2, EPSS 0.00128
Exploits: 1, References: 1
OSV
added 2026/01/27 4:16 p.m., 6 views

CVE-2025-69418

Issue summary: When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths, inputs whose length is not a multiple of 16 bytes can leave the final partial block unencrypted and unauthenticated. Impact summary: The trailing 1-15 bytes of a message may be exposed...

CVSS 4, AI score 5.7
Exploits: 0, References: 6
ATTACKERKB
added 2026/01/27 4:1 p.m., 7 views

CVE-2025-69419

Issue summary: Calling PKCS12_get_friendlyname function on a maliciously crafted PKCS12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

AI score 6, EPSS 0.00115
Exploits: 1, References: 7, Affected Software: 1
ATTACKERKB
added 2026/01/27 4:1 p.m., 4 views

CVE-2025-69418

Issue summary: When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths, inputs whose length is not a multiple of 16 bytes can leave the final partial block unencrypted and unauthenticated. Impact summary: The trailing 1-15 bytes of a message may be exposed i...

AI score 5.7, EPSS 0.00009
Exploits: 1, References: 7, Affected Software: 1
Vulnrichment
added 2026/01/27 4:1 p.m., 3 views

CVE-2025-15468 NULL dereference in SSL_CIPHER_find() function on unknown cipher ID

Issue summary: If an application using the SSL_CIPHER_find function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...

AI score 5.8, EPSS 0.00046
Exploits: 1, References: 5
Tenable Nessus
added 2026/01/27 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-68160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-bas...

CVSS 4.7, AI score 6.4, EPSS 0.00042
Exploits: 1, References: 3
Tenable Nessus
added 2026/01/22 12:0 a.m., 12 views

Oracle MySQL Connectors (January 2026 CPU)

The 9.5.0 versions of MySQL Connectors installed on the remote host are affected by a vulnerability as referenced in the January 2026 CPU advisory. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/C++ OpenSSL. Supported versions that are affected are 9.0.0-9.5....

CVSS 7.5, AI score 6.6, EPSS 0.00041
Exploits: 0, References: 3
Tenable Nessus
added 2025/12/31 12:0 a.m., 2 views

EulerOS Virtualization 2.13.0 : openssl (EulerOS-SA-2025-2613)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bound...

CVSS 7.5, AI score 6.5, EPSS 0.00041
Exploits: 0, References: 2
Positive Technologies
added 2025/09/09 12:0 a.m., 3 views

PT-2025-36557

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS Java application versions (affected versions not specified). Description: The SAP NetWeaver AS Java application utilizes Adobe Document Service, which includes a vulnerable version of OpenSSL. Exploitation of known vulnerabiliti...

CVSS 3.4, AI score 6, EPSS 0.00025
Exploits: 0, References: 5
RedHat Linux
added 2023/12/19 9:57 a.m., 0 views

openssl: Excessive time spent checking DH keys and parameters

A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DH_check, DH_check_ex, or EVP_PKEY_param_check functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

CVSS 5.3, AI score 6.7, EPSS 0.00751
Exploits: 0, References: 5
ICS
added 2023/06/27 12:0 a.m., 1 views

Hitachi Energy GMS600

SUMMARY: Hitachi Energy is aware of the vulnerability, CVE-2022-4304 in the OSS component OpenSSL, that affects the GMS600 versions that are listed below. An attacker successfully exploiting this vulnerability could send trial messages to the server and record the time taken to process them...

CVSS 5.9, AI score 6.1, EPSS 0.00218
Exploits: 0, References: 9
RedHat Linux
added 2023/05/09 9:50 a.m., 2 views

openssl: X.400 address type confusion in X.509 GeneralName

A type confusion vulnerability was found in OpenSSL when it processes X.400 addresses inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...

CVSS 7.4, AI score 6.8, EPSS 0.86858
Exploits: 0, References: 5
BDU FSTEC
added 2023/04/26 12:0 a.m., 1 views

The vulnerabilities of the functions d2i_PKCS7(), d2i_PKCS7_bio(), or d2i_PKCS7_fp() implemented in the PKCS #7 standard of the OpenSSL cryptographic library allow a perpetrator to cause a service failure.

The vulnerability of the functions d2i_PKCS7(), d2i_PKCS7_bio(), or d2i_PKCS7_fp() implemented in the PKCS #7 standard of the OpenSSL cryptographic library is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 7.8, AI score 7, EPSS 0.86858
Exploits: 0, References: 6, Affected Software: 7
SUSE CVE
added 2023/02/15 6:13 a.m., 3 views

SUSE CVE-2006-7250

The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message...

CVSS 5, AI score 8.1, EPSS 0.01998
Exploits: 0, References: 8
SUSE CVE
added 2023/02/15 5:32 a.m., 2 views

SUSE CVE-2014-0221

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake...

CVSS 4.3, AI score 8.3, EPSS 0.82097
Exploits: 0, References: 23