23341 matches found
CVE-2026-7383
A flaw was found in OpenSSL. A signed integer overflow vulnerability exists when sizing the destination buffer for Unicode output. This can lead to a heap buffer overflow, which may result in a crash or potentially allow an attacker to execute arbitrary code. Exploitation requires an application ...
CVE-2026-34182
A flaw was found in OpenSSL's Cryptographic Message Services CMS AuthEnvelopedData processing. An on-path attacker can exploit insufficient input validation on cipher and tag length fields by sending specially crafted CMS messages. This can lead to the forging of messages or bypassing integrity...
MGASA-2026-0189 Updated libssh packages fix security vulnerabilities
CVE-2025-4877 Write beyond bounds in binary to base64 conversion functions CVE-2025-4878 Use of uninitialized variable in privatekeyfromfile CVE-2025-5318 Likely read beyond bounds in sftp server handle management CVE-2025-5351 Double free in functions exporting keys CVE-2025-5372 sshkdf returns ...
CVE-2026-7383
creationtimestamp| type| source ---|---|--- 2026-06-10 04:55:50+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-openssl-1 2026-06-10 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/openssl-multiple-vulnerabilities20260611 2026-06-16 06:37:07+00:00| seen|...
CVE-2026-34180
creationtimestamp| type| source ---|---|--- 2026-06-10 04:55:50+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-openssl-1 2026-06-10 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/openssl-multiple-vulnerabilities20260611 2026-06-16 16:20:37+00:00| seen|...
CVE-2026-45445
creationtimestamp| type| source ---|---|--- 2026-06-10 04:55:50+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-openssl-1 2026-06-10 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/openssl-multiple-vulnerabilities20260611 2026-06-23 12:01:24+00:00| seen|...
CVE-2026-42765
creationtimestamp| type| source ---|---|--- 2026-06-10 04:55:50+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-openssl-1 2026-06-10 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/openssl-multiple-vulnerabilities20260611...
Linux Distros Unpatched Vulnerability : CVE-2026-45447
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact summary: A...
Debian dsa-6335 : libcrypto3-udeb - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6335 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6335-1 [email protected]...
EulerOS 2.0 SP13 : glib-networking (EulerOS-SA-2026-2332)
According to the versions of the glib-networking package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in glib-networking. A malicious Transport Layer Security TLS server can exploit an out- of-bounds read and invalid free...
Linux Distros Unpatched Vulnerability : CVE-2026-35188
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the statusrequest extension, triggering a double-free i...
Linux Distros Unpatched Vulnerability : CVE-2026-42767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact...
Linux Distros Unpatched Vulnerability : CVE-2026-42764
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation...
EulerOS 2.0 SP13 : openssl (EulerOS-SA-2026-2306)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: During processing of a crafted CMS EnvelopedData messagex000D with KeyAgreeRecipientInfo a NULL pointer dereference can happen.x00...
Linux Distros Unpatched Vulnerability : CVE-2026-42768
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: The CMSdecrypt and PKCS7decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME...
Linux Distros Unpatched Vulnerability : CVE-2026-45446
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty...
Linux Distros Unpatched Vulnerability : CVE-2026-45445
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV ...
EulerOS 2.0 SP13 : openssl (EulerOS-SA-2026-2349)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: During processing of a crafted CMS EnvelopedData messagex000D with KeyAgreeRecipientInfo a NULL pointer dereference can happen.x00...
EulerOS 2.0 SP13 : glib-networking (EulerOS-SA-2026-2289)
According to the versions of the glib-networking package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in glib-networking. A malicious Transport Layer Security TLS server can exploit an out- of-bounds read and invalid free...
Linux Distros Unpatched Vulnerability : CVE-2026-7383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact...