Lucene search
K

23341 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

OpenSSL 加密问题漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables the implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure has...

9.1CVSS5.8AI score0.00237EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

OpenSSL 资源管理错误漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

7.5CVSS5.9AI score0.00511EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.14 views

OpenSSL 3.0.0 < 3.0.21 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.21. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.21 advisory. - Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature...

9.1CVSS7.2AI score0.02719EPSS
Exploits0References32
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.26 views

OpenSSL 1.0.2 < 1.0.2zq Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2zq. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2zq advisory. - Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption...

8.8CVSS6.9AI score0.02719EPSS
Exploits0References12
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.20 views

OpenSSL Security Advisory 20260609

OpenSSL is susceptible to multiple security vulnerabilities. A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. The Cryptographic Message Services CMS processing fails to perform sufficient input validation on the cipher and tag...

9.8CVSS5.5AI score0.02719EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.8 views

OpenSSL Toolkit 4.0.1

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 4.0 release...

9.8CVSS5.4AI score0.02719EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.9 views

PT-2026-47836

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A NULL pointer dereference can occur during the decryption of password-encrypted Cryptographic Message Syntax CMS messages. The issue arises because the OpenSSL CMS implementation dereference...

9.1CVSS5.5AI score0.02719EPSS
Exploits0References139
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-47837

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A NULL pointer dereference can occur in a CMP client application when processing a crafted CMP response. An attacker controlling a CMP server or acting as a man-in-the-middle can send a CRMF...

9.1CVSS5.5AI score0.00595EPSS
Exploits0References102
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.21 views

PT-2026-47834

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A NULL pointer dereference occurs in the OpenSSL QUIC server when receiving a QUIC initial packet containing an invalid or expired token. This issue is triggered specifically when address...

9.1CVSS5.5AI score0.02719EPSS
Exploits0References77
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.6 views

FreeBSD Security Advisory - FreeBSD-SA-26:35.openssl

FreeBSD Security Advisory - Multiple issues have been reported as part of this advisory with different issues affecting different OpenSSL versions and therefore different FreeBSD versions...

8.1CVSS5.4AI score0.00513EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.47 views

OpenSSL 4.0.0 < 4.0.1 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 4.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 4.0.1 advisory. - Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification...

9.1CVSS7.2AI score0.02719EPSS
Exploits0References56
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

OpenSSL 3.4.0 < 3.4.6 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.4.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.4.6 advisory. - Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification...

9.1CVSS7.2AI score0.02719EPSS
Exploits0References44
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.37 views

OpenSSL 3.6.0 < 3.6.3 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.6.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.6.3 advisory. - Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification...

9.1CVSS7.3AI score0.02719EPSS
Exploits0References53
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.27 views

OpenSSL 1.1.1 < 1.1.1zh Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.1zh. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.1zh advisory. - Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption...

8.8CVSS6.9AI score0.02719EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.17 views

OpenSSL 3.5.0 < 3.5.7 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.5.7. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.5.7 advisory. - Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification...

9.1CVSS7.2AI score0.02719EPSS
Exploits0References47
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.7 views

OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports: Eighteen vulnerabilities in OpenSSL library. Highest classification High...

9.1CVSS5.4AI score0.02719EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.9 views

FreeBSD -- Multiple vulnerabilities in OpenSSL

Problem Description: Multiple issues have been reported as part of this advisory with different issues affecting different OpenSSL versions and therefore different FreeBSD versions. Instead of exhaustively listing detailed writeups for each issue, please see the referenced advisory from OpenSSL...

9.1CVSS6.2AI score0.02719EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.8 views

OpenSSL Toolkit 3.6.3

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.6 release...

9.8CVSS5.4AI score0.02719EPSS
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2026/06/09 12:0 a.m.9 views

FreeBSD-SA-26:35.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:35.openssl Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in OpenSSL Category: contrib Module: openssl Announced: 2026-06-09 Credits:...

9.1CVSS6.4AI score0.02719EPSS
Exploits0
OSV
OSV
added 2026/06/09 12:0 a.m.4 views

UBUNTU-CVE-2026-45447

Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS7 or S/MIME signed...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References5
Rows per page
Query Builder