
23343 matches found

Hacker One
added 2026/05/26 2:47 a.m. | 85 views

curl: TLS conn reuse and session cache ignore fsslctx callback and ssl_config_data flags ( incomplete fix variant of 7541ae569 )

Summary: match_ssl_primary_config in lib/vtls/vtls.c:194 and the session-cache key built by cfsslpeerkeybuild in lib/vtls/vtls_scache.c:240 both compare only struct ssl_primary_config fields when deciding whether to reuse a TLS connection or cached session. Several fields that materially change the TLS...

AI score 5.9
Exploits: 0
Vulnrichment
added 2026/05/26 12:0 a.m. | 6 views

CVE-2026-48697

FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The execute_web_request_secure function in src/fast_library.cpp creates a boost::asio::ssl::context with tls_client mode and calls set_default_verify_paths to load CA certificates, but never calls...

AI score 5.8 | EPSS 0.00164
Exploits: 0 | References: 3
CVE
added 2026/05/26 12:0 a.m. | 22 views

CVE-2026-48697

Summary: CVE-2026-48697 affects FastNetMon Community Edition up to 1.2.9. The root cause is in execute_web_request_secure() in src/fast_library.cpp, which creates a Boost.Asio TLS client context (tls_client) and calls set_default_verify_paths() but never enables verify_peer. As a result, OpenSSL ...

CVSS 7.4 | AI score 5.8 | EPSS 0.00164
Exploits: 0 | References: 3 | Affected Software: 1
EUVD
added 2026/05/22 5:7 p.m. | 12 views

EUVD-2026-31469

Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,...

CVSS 9.8 | AI score 5.7 | EPSS 0.00291
Exploits: 1 | References: 2
Vulnrichment
added 2026/05/22 5:7 p.m. | 9 views

CVE-2026-32253 Sunshine: Authentication bypass via improper client certificate validation

Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,...

CVSS 9.8 | AI score 5.7 | EPSS 0.00291
Exploits: 1 | References: 2
CNNVD
added 2026/05/22 12:0 a.m. | 14 views

Sunshine Trust Management Issue Vulnerability

Sunshine is an Open Source Moonlight-based autonomous gaming streaming host developed by LizardByte. Earlier versions of Sunshine, such as 2026.516.143833, had vulnerabilities related to trust management. These vulnerabilities stemmed from improper handling of OpenSSL verification results. Custom...

CVSS 9.8 | AI score 5.8 | EPSS 0.00291
Exploits: 1 | References: 2
Positive Technologies
added 2026/05/22 12:0 a.m. | 22 views

PT-2026-42801

Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT...

CVSS 9.8 | AI score 5.7 | EPSS 0.00291
Exploits: 1 | References: 2
Tenable Nessus
added 2026/05/22 12:0 a.m. | 11 views

Linux Distros Unpatched Vulnerability : CVE-2025-14575

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogu...

CVSS 1.8 | AI score 5.5 | EPSS 0.0009
Exploits: 0 | References: 2
Tenable Nessus
added 2026/05/22 12:0 a.m. | 18 views

RockyLinux 8 : openssl (RLSA-2026:3042)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:3042 advisory. openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419 Tenable has extracted the preceding description block...

CVSS 7.4 | AI score 6.2 | EPSS 0.00444
Exploits: 1 | References: 3
OSV
added 2026/05/21 4:24 p.m. | 6 views

RLSA-2026:3042 Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419...

CVSS 7.4 | AI score 7.6 | EPSS 0.00444
Exploits: 1 | References: 2
Rockylinux
added 2026/05/21 4:24 p.m. | 9 views

openssl security update

An update is available for openssl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transpo...

CVSS 7.4 | AI score 6.2 | EPSS 0.00444
Exploits: 1
IBM Security Bulletins
added 2026/05/21 3:53 p.m. | 19 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details CVEID:CVE-2025-11187...

CVSS 9.8 | AI score 7.5 | EPSS 0.47621
Exploits: 8 | Affected Software: 1
SUSE CVE
added 2026/05/21 2:42 a.m. | 16 views

SUSE CVE-2025-14575

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

CVSS 1.8 | AI score 5.8 | EPSS 0.0009
Exploits: 0 | References: 3
Chainguard
added 2026/05/21 1:18 a.m. | 9 views

GHSA-PHQJ-4MHP-Q6MQ vulnerabilities

Vulnerabilities for packages: sccache, sdp-k8s-injector, rpm-sequoia, typst, rustls-openssl-client, sentry-cli, guestproxyagent, vector, sqlx, valkey-ldap, komodo, ztunnel-fips, bootc, deno, rustup...

AI score 5.8
Exploits: 0
Chainguard
added 2026/05/21 1:18 a.m. | 16 views

CVE-2026-45784 vulnerabilities

Vulnerabilities for packages: sccache, sdp-k8s-injector, rpm-sequoia, typst, rustls-openssl-client, sentry-cli, guestproxyagent, vector, sqlx, valkey-ldap, komodo, ztunnel-fips, bootc, deno, rustup...

AI score 5.8 | EPSS 0.00019
Exploits: 0
OSV
added 2026/05/20 10:10 a.m. | 7 views

RHSA-2026:19187 Red Hat Security Advisory: compat-openssl11 security update

Bulletin has no description...

CVSS 7.4 | AI score 7 | EPSS 0.00444
Exploits: 1 | References: 7
OSV
added 2026/05/20 10:9 a.m. | 9 views

RHSA-2026:19066 Red Hat Security Advisory: openssl security update

Bulletin has no description...

CVSS 5.9 | AI score 7.2 | EPSS 0.00981
Exploits: 0 | References: 8
Tenable Nessus
added 2026/05/20 12:0 a.m. | 9 views

Fedora 44 : rustup (2026-fc7afe14b7)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fc7afe14b7 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

CVSS 9.8 | AI score 5.9 | EPSS 0.00412
Exploits: 0 | References: 8
Tenable Nessus
added 2026/05/20 12:0 a.m. | 12 views

Fedora 44 : rust-nu (2026-6de0476940)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6de0476940 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

CVSS 9.8 | AI score 5.9 | EPSS 0.00412
Exploits: 0 | References: 8
Tenable Nessus
added 2026/05/20 12:0 a.m. | 11 views

Fedora 43 : rustup (2026-f8e0fbaa84)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f8e0fbaa84 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

CVSS 9.8 | AI score 5.9 | EPSS 0.00412
Exploits: 0 | References: 8