
23343 matches found

OSV
added 2026/05/05 12:19 a.m. | 8 views

OPENSUSE-SU-2026:20673-1 Security update for openssl-3-x86_64-v3-livepatches

This update for openssl-3-x86_64-v3-livepatches fixes the following issues: Changes in openssl-3-x86_64-v3-livepatches: - Add package for libopenssl3-x86-64-v3-3.5.0 bsc1259271. Fixed: - CVE-2025-11187: Fixed improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256878. -...

CVSS 9.8 | AI score 5.9 | EPSS 0.47621
Exploits: 7 | References: 9

OSV
added 2026/05/05 12:19 a.m. | 3 views

SUSE-SU-2026:21544-1 Security update for openssl-3-x86_64-v3-livepatches

This update for openssl-3-x86_64-v3-livepatches fixes the following issues: Changes in openssl-3-x86_64-v3-livepatches: - Add package for libopenssl3-x86-64-v3-3.5.0 bsc1259271. Fixed: - CVE-2025-11187: Fixed improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256878. -...

CVSS 9.8 | AI score 7.1 | EPSS 0.47621
Exploits: 7 | References: 10

Positive Technologies
added 2026/05/05 12:0 a.m. | 14 views

PT-2026-37265

Name of the Vulnerable Software and Affected Versions: rust-openssl versions 0.9.7 through 0.10.78. Description: The X509Ref::ocsp_responders function returns OCSP responder URLs from a certificate's AIA extension as OpensslString. The Deref implementation wraps raw bytes using str::from_utf8...

CVSS 8.7 | AI score 5.9 | EPSS 0.00211
Exploits: 0 | References: 7

IBM Security Bulletins
added 2026/05/04 10:53 p.m. | 10 views

Security Bulletin: This Power System update is being released to address CVE-2026-22796

Summary: PowerVM relies on OpenSSL to support a range of features, such as virtual TPM, LPM, and other functionalities that require cryptographic operations. This bulletin provides a remediation for the impacted vulnerability, CVE-2026-22796, by upgrading PowerVM and thus addressing the exposure to...

CVSS 5.3 | AI score 7.2 | EPSS 0.00502
Exploits: 1

IBM Security Bulletins
added 2026/05/04 10:3 p.m. | 8 views

Security Bulletin: Multiple vulnerabilities impact AIX due to OpenSSL

Summary: Vulnerabilities in OpenSSL could send contents of an uninitialized memory buffer (CVE-2026-31790), cause a use-after-free (CVE-2026-28387), cause a NULL pointer dereference (CVE-2026-28388, CVE-2026-28389, CVE-2026-28390), or lead to a buffer overflow (CVE-2026-31789). OpenSSL is used by AIX as...

CVSS 9.8 | AI score 7.8 | EPSS 0.00981
Exploits: 0 | Affected Software: 2

IBM AIX
added 2026/05/04 3:13 p.m. | 10 views

Multiple vulnerabilities impact AIX due to OpenSSL

IBM SECURITY ADVISORY. First Issued: Mon May 4 15:13:40 CDT 2026. The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/openssladvisory47.asc Security Bulletin: Multiple vulnerabilities impact AIX due to OpenSSL...

CVSS 9.8 | AI score 7.4 | EPSS 0.00981
Exploits: 0

RedHat Linux
added 2026/05/04 2:10 p.m. | 7 views

pyOpenSSL: DTLS cookie callback buffer overflow

A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to missing bounds checking before copying the data to a...

CVSS 9.8 | AI score 6 | EPSS 0.00704
Exploits: 0 | References: 7

RubySec
added 2026/05/04 12:0 a.m. | 13 views

net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication

Summary: When authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational denial-of-service attack on the client process by sending a big iteration count value. Details: A hostile IMAP server can send an arbitrarily large PBKDF2 iteration count in the...

CVSS 6.5 | AI score 5.8 | EPSS 0.00299
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2026/05/04 12:0 a.m. | 6 views

RHCOS 4 : Red Hat build of MicroShift 4.14.19 (RHSA-2024:1566)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1566 advisory. - golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394). Note that Nessus has not tested for this iss...

CVSS 7.5 | AI score 7.2 | EPSS 0.01533
Exploits: 0 | References: 4

Tenable Nessus
added 2026/05/04 12:0 a.m. | 10 views

RHCOS 4 : Red Hat build of MicroShift 4.15.6 (RHSA-2024:1561)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1561 advisory. - golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394). Note that Nessus has not tested for this iss...

CVSS 7.5 | AI score 7.2 | EPSS 0.01533
Exploits: 0 | References: 4

OSV
added 2026/05/03 9:56 a.m. | 5 views

OESA-2026-2161 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious...

CVSS 7.5 | AI score 7.4 | EPSS 0.00981
Exploits: 0 | References: 2

Fedora
added 2026/05/02 2:11 a.m. | 4 views

[SECURITY] Fedora 44 Update: rust-openssl-sys-0.9.114-1.fc44

FFI bindings to OpenSSL...

CVSS 9.8 | AI score 5.8 | EPSS 0.00373
Exploits: 0

Fedora
added 2026/05/02 2:11 a.m. | 6 views

[SECURITY] Fedora 44 Update: rust-openssl-0.10.78-1.fc44

OpenSSL bindings...

CVSS 9.8 | AI score 5.8 | EPSS 0.00373
Exploits: 0

Fedora
added 2026/05/02 1:57 a.m. | 11 views

[SECURITY] Fedora 42 Update: rust-openssl-sys-0.9.114-1.fc42

FFI bindings to OpenSSL...

CVSS 9.8 | AI score 5.8 | EPSS 0.00373
Exploits: 0

Fedora
added 2026/05/02 1:57 a.m. | 9 views

[SECURITY] Fedora 42 Update: rust-openssl-0.10.78-1.fc42

OpenSSL bindings...

CVSS 9.8 | AI score 5.8 | EPSS 0.00373
Exploits: 0

Fedora
added 2026/05/02 1:52 a.m. | 6 views

[SECURITY] Fedora 43 Update: rust-openssl-0.10.78-1.fc43

OpenSSL bindings...

CVSS 9.8 | AI score 5.8 | EPSS 0.00373
Exploits: 0

Fedora
added 2026/05/02 1:52 a.m. | 7 views

[SECURITY] Fedora 43 Update: rust-openssl-sys-0.9.114-1.fc43

FFI bindings to OpenSSL...

CVSS 9.8 | AI score 5.8 | EPSS 0.00373
Exploits: 0

OSV
added 2026/05/02 1:7 a.m. | 5 views

CLSA-2026-1777547052 openssl: Fix of CVE-2026-28389

CVE-2026-28389: fix NULL pointer dereference in dh_cms_set_shared_info and ecdh_cms_set_shared_info when the CMS KeyEncryptionAlgorithmIdentifier parameter field is omitted...

CVSS 7.5 | AI score 7.3 | EPSS 0.00805
Exploits: 0 | References: 1

Tenable Nessus
added 2026/05/02 12:0 a.m. | 4 views

Fedora 44 : krb5 (2026-8b43ea2f82)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8b43ea2f82 advisory. Fix NegoEx parsing vulnerabilities (CVE-2026-40355, CVE-2026-40356). Add upstream patches to build against openssl 4.0. Make configure.ac work with...

CVSS 5.9 | AI score 5.8 | EPSS 0.00461
Exploits: 0 | References: 3

Tenable Nessus
added 2026/05/02 12:0 a.m. | 5 views

Fedora 42 : rust-openssl / rust-openssl-sys (2026-76f57efeef)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-76f57efeef advisory. Update the openssl crate to version 0.10.78 and the openssl-sys crate to version 0.9.114. Release notes: - openssl 0.10.77 / openssl-sys 0.9.113:...

CVSS 9.8 | AI score 5.8 | EPSS 0.00373
Exploits: 0 | References: 5