23341 matches found
CVE-2026-8721
Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...
CVE-2022-49036
An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors...
CVE-2026-40004
There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. An attacker can execute arbitrary code locally and escalate privileges...
RLSA-2026:22314 Moderate: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing...
openssl security update
An update is available for openssl. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and...
RLSA-2026:22315 Moderate: compat-openssl10 security update
The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. Security Fixes: openssl: OpenSSL:...
compat-openssl10 security update
An update is available for compat-openssl10. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenSSL toolkit provides support for secure communications betwe...
RockyLinux 10 : openssl (RLSA-2026:22314)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22314 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding descripti...
RockyLinux 8 : compat-openssl10 (RLSA-2026:22315)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22315 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding descriptio...
curl: OpenSSL TLS 1.2 session resumption accepts expired server certificates in libcurl
Summary curl's OpenSSL backend can accept a new TLS 1.2 HTTPS connection after the server certificate has expired if the connection resumes a previously cached TLS session. A full handshake made at the same time with the same certificate fails with CURLEPEERFAILEDVERIFICATION, but the resumed...
SUSE-SU-2026:2261-1 Security update for python-pyOpenSSL
This update for python-pyOpenSSL fixes the following issue...
Security update for python3-pyOpenSSL
This update for python3-pyOpenSSL fixes the following issue CVE-2026-40475: improper input handling of null bytes can lead to silent data truncation and security-state inconsistency bsc1262803. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
CVE-2022-49036
An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
SUSE-SU-2026:2242-1 Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 - CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer...
CVE-2022-49036
An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors...
RockyLinux 10 : openssl (RLSA-2026:19066)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19066 advisory. openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-31790 Tenable has extracted the preceding description blo...
pyOpenSSL 0.14.x < 26.0.0 Security Bypass
The version of pyOpenSSL installed on the remote host is prior to 26.0.0. It is, therefore, affected by a security bypass vulnerability: - pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to...