Lucene search
K

23341 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.8 views

CVE-2026-8721

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...

9.8CVSS5.6AI score0.00447EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.10 views

CVE-2022-49036

An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS6AI score0.00123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-40004

There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. An attacker can execute arbitrary code locally and escalate privileges...

7.8CVSS5.9AI score0.00137EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 12:4 p.m.9 views

RLSA-2026:22314 Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing...

7.5CVSS7.7AI score0.00805EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/06/05 12:4 p.m.26 views

openssl security update

An update is available for openssl. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and...

7.5CVSS7.7AI score0.00805EPSS
Exploits0
OSV
OSV
added 2026/06/05 6:0 a.m.10 views

RLSA-2026:22315 Moderate: compat-openssl10 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. Security Fixes: openssl: OpenSSL:...

7.5CVSS7.8AI score0.00805EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/06/05 6:0 a.m.14 views

compat-openssl10 security update

An update is available for compat-openssl10. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenSSL toolkit provides support for secure communications betwe...

7.5CVSS5.8AI score0.00805EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

RockyLinux 10 : openssl (RLSA-2026:22314)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22314 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding descripti...

7.5CVSS5.6AI score0.00805EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.5 views

RockyLinux 8 : compat-openssl10 (RLSA-2026:22315)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22315 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding descriptio...

7.5CVSS7.8AI score0.00805EPSS
Exploits0References3
Hacker One
Hacker One
added 2026/06/04 6:3 a.m.45 views

curl: OpenSSL TLS 1.2 session resumption accepts expired server certificates in libcurl

Summary curl's OpenSSL backend can accept a new TLS 1.2 HTTPS connection after the server certificate has expired if the connection resumes a previously cached TLS session. A full handshake made at the same time with the same certificate fails with CURLEPEERFAILEDVERIFICATION, but the resumed...

5.6AI score
Exploits0
OSV
OSV
added 2026/06/03 3:32 p.m.5 views

SUSE-SU-2026:2261-1 Security update for python-pyOpenSSL

This update for python-pyOpenSSL fixes the following issue...

5.8AI score
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/06/03 3:31 p.m.5 views

Security update for python3-pyOpenSSL

This update for python3-pyOpenSSL fixes the following issue CVE-2026-40475: improper input handling of null bytes can lead to silent data truncation and security-state inconsistency bsc1262803. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

6.8CVSS5.8AI score
Exploits0References4
NVD
NVD
added 2026/06/03 2:16 p.m.16 views

CVE-2022-49036

An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS0.00123EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/06/03 2:14 p.m.7 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
SUSE Linux
SUSE Linux
added 2026/06/03 2:11 p.m.8 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
SUSE Linux
SUSE Linux
added 2026/06/03 2:5 p.m.8 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
OSV
OSV
added 2026/06/03 2:5 p.m.11 views

SUSE-SU-2026:2242-1 Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 - CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer...

9.8CVSS7AI score0.00704EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/06/03 1:26 p.m.35 views

CVE-2022-49036

An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS0.00123EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.14 views

RockyLinux 10 : openssl (RLSA-2026:19066)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19066 advisory. openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-31790 Tenable has extracted the preceding description blo...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.10 views

pyOpenSSL 0.14.x < 26.0.0 Security Bypass

The version of pyOpenSSL installed on the remote host is prior to 26.0.0. It is, therefore, affected by a security bypass vulnerability: - pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to...

6.3CVSS5.5AI score0.00241EPSS
Exploits0References3
Rows per page
Query Builder