Lucene search
K

23343 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.11 views

Fedora 43 : rustup (2026-f8e0fbaa84)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f8e0fbaa84 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

9.8CVSS5.9AI score0.00412EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2026/05/19 7:50 p.m.12 views

rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers

CipherCtxRef::cipherupdateinplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corruption whe...

5.8AI score0.00019EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/19 7:50 p.m.7 views

GHSA-PHQJ-4MHP-Q6MQ rust-openssl: Potential out-of-bounds write in `CipherCtxRef::cipher_update_inplace` for AES-KW-PAD ciphers

CipherCtxRef::cipherupdateinplace incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corruption whe...

5.1CVSS5.8AI score0.00019EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/19 7:7 p.m.13 views

CVE-2026-44662

A flaw was found in rust-openssl. When using AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad with an input that is not a multiple of 8, the output buffers are incorrectly sized. This can lead to attacker-controllable heap corruption, allowing an attacker to write up to 7 bytes past the...

5.1CVSS5.7AI score0.00172EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/19 7:7 p.m.16 views

CVE-2026-42327

A flaw was found in rust-openssl, a library providing OpenSSL bindings for the Rust programming language. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate. This certificate, containing non-UTF-8 characters in its OCSP Online Certificate Status...

9.1CVSS6.2AI score0.00211EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/19 6:49 p.m.8 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7.2AI score0.00981EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/19 6:49 p.m.13 views

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 6:28 p.m.14 views

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

A flaw was found in OpenSSL. When processing a specially crafted PKCS12 Personal Information Exchange Syntax Standard file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSLuni2utf8 function, leads to memory corruption by writing data...

7.4CVSS7.4AI score0.00444EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/05/19 6:28 p.m.9 views

Moderate: Red Hat Security Advisory: compat-openssl11 security update

An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

7.4CVSS7.5AI score0.00444EPSS
Exploits1References2
OSV
OSV
added 2026/05/19 2:16 p.m.7 views

UBUNTU-CVE-2025-14575

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

1.8CVSS5.8AI score0.0009EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/19 2:16 p.m.10 views

CVE-2025-14575

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

1.8CVSS5.8AI score0.0009EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 1:40 p.m.8 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7.2AI score0.00981EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/19 1:40 p.m.11 views

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS7.3AI score0.00981EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/19 1:1 p.m.36 views

CVE-2025-14575 Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

1.8CVSS0.0009EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 1:1 p.m.11 views

EUVD-2025-209891

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

1.8CVSS5.8AI score0.0009EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 1:1 p.m.8 views

CVE-2025-14575 Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

1.8CVSS5.8AI score0.0009EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 1:1 p.m.23 views

CVE-2025-14575

An Uncontrolled Search Path Element vulnerability affects the Qt Network (qtbase) OpenSSL TLS backend in the Qt Framework (Unix). A crafted certificate file placed in the application’s working directory can cause the loading of a rogue CA certificate as a trusted system authority. Local attacker ...

1.8CVSS5.8AI score0.0009EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/19 9:12 a.m.11 views

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...

7.5CVSS6.8AI score0.01744EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/19 9:12 a.m.13 views

Moderate: Red Hat Security Advisory: edk2 security update

An update for edk2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS6.6AI score0.01744EPSS
Exploits0References6
OSV
OSV
added 2026/05/19 8:36 a.m.9 views

CLSA-2026-1779179759 Update of openssl

Rebuilt els9 for FIPS review...

5.8AI score
Exploits0References1
Rows per page
Query Builder