Lucene search
K

23343 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.3 views

Fedora 43 : perl-CryptX (2026-3e1f671a17)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3e1f671a17 advisory. 0.088 2026-04-23 - Crypt::KeyDerivation - new functions: pbkdf1openssl, bcryptpbkdf, scryptpbkdf, argon2pbkdf - Crypt::Misc - new functions: randomv7uuid,...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.12 views

Fedora 43 : rust-openssl / rust-openssl-sys (2026-16a3cea414)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-16a3cea414 advisory. Update the openssl crate to version 0.10.78 and the openssl-sys crate to version 0.9.114. Release notes: - openssl 0.10.77 / openssl-sys 0.9.113:...

9.8CVSS5.8AI score0.00373EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.5 views

Fedora 44 : rust-openssl / rust-openssl-sys (2026-fc9d4b5520)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-fc9d4b5520 advisory. Update the openssl crate to version 0.10.78 and the openssl-sys crate to version 0.9.114. Release notes: - openssl 0.10.77 / openssl-sys 0.9.113:...

9.8CVSS5.8AI score0.00373EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.7 views

PT-2026-36501

An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the GeoNetworking packet processing pipeline where OpenSSL exceptions from ECC point validation invalid compressed point, point not on curve are not...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.32 views

CVE-2026-37554

An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the GeoNetworking packet processing pipeline where OpenSSL exceptions from ECC point validation invalid compressed point, point not on curve are not...

7.5CVSS0.0035EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.6 views

Curl 8.17.0 < 8.20.0 OCSP Stapling Bypass

The version of curl installed on the remote host is 8.17.0 prior to 8.20.0. It is, therefore, affected by an OCSP stapling bypass vulnerability: - When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...

5.3CVSS5.8AI score0.00267EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/01 12:0 a.m.6 views

EUVD-2026-26671

An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the GeoNetworking packet processing pipeline where OpenSSL exceptions from ECC point validation invalid compressed point, point not on curve are not...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.8 views

Vanetza 安全漏洞

Vanetza is an open source implementation of a suite of in-vehicle communication protocols by the individual developer Raphael Riebl. A security vulnerability exists in Vanetza v26.02, which stems from an OpenSSL exception in the GeoNetworking packet processing pipeline that is not correctly caugh...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References2
CVE
CVE
added 2026/05/01 12:0 a.m.9 views

CVE-2026-37554

CVE-2026-37554 affects Vanetza V2X v26.02. In the GeoNetworking packet processing pipeline, OpenSSL exceptions from ECC point validation (invalid compressed point, point not on curve) are not properly caught within the Router::indicate() call chain. The openssl_wrapper.cpp check() function (line ...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References5
OSV
OSV
added 2026/04/30 4:43 p.m.6 views

CLSA-2026-1777567430 openssl: Fix of CVE-2026-28390

CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References1
OSV
OSV
added 2026/04/30 4:39 p.m.4 views

CLSA-2026-1777567181 openssl: Fix of CVE-2026-28390

CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...

7.5CVSS7.3AI score0.00805EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/30 1:58 p.m.5 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7.6AI score0.00981EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/30 1:58 p.m.14 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.2 release and security update

Red Hat JBoss Web Server 6.2.2 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CV...

9.1CVSS7.7AI score0.00981EPSS
Exploits0References6
OSV
OSV
added 2026/04/30 12:40 p.m.5 views

CLSA-2026-1777552800 openssl: Fix of CVE-2026-28389

CVE-2026-28389: fix NULL pointer dereference in dhcmssetsharedinfo and ecdhcmssetsharedinfo when the CMS KeyEncryptionAlgorithmIdentifier parameter field is omitted...

7.5CVSS7.3AI score0.00805EPSS
Exploits0References1
OSV
OSV
added 2026/04/30 9:53 a.m.5 views

CLSA-2026-1777542789 openssl: Fix of CVE-2026-28387

CVE-2026-28387: fix use-after-free / double-free in danematch by releasing the previously stored dane-mcert with X509free instead of OPENSSLfree; the slot is reference-bumped via X509upref so the matching free is X509free...

8.1CVSS5.8AI score0.00631EPSS
Exploits0References1
Amazon
Amazon
added 2026/04/30 12:0 a.m.13 views

Medium: openssl

Issue Overview: NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NULL dereference when processing CMS KeyTransportRecipientInfo...

7.5CVSS5.2AI score0.00885EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.15 views

Amazon Linux 2 : openssl, --advisory ALAS2-2026-3274 (ALAS-2026-3274)

The version of openssl installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3274 advisory. NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt...

7.5CVSS5.4AI score0.00885EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.5 views

Fedora 45 : kryoptic / pyOpenSSL / python-cryptography / rust-asn1 / etc (2026-13a0c86ba1)

The remote Fedora 45 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-13a0c86ba1 advisory. Update python-cryptography to 47.0.0 As a result, rust-asn1 is bumped to 0.24, and pyOpenSSL is bumped to 26.1. kryoptic is rebuilt with a patch to support...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.15 views

Amazon Linux 2 : openssl-snapsafe, --advisory ALAS2OPENSSL-SNAPSAFE-2026-010 (ALASOPENSSL-SNAPSAFE-2026-010)

The version of openssl-snapsafe installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2OPENSSL-SNAPSAFE-2026-010 advisory. NULL Pointer Dereference When Processing a Delta CRL NOTE:...

7.5CVSS5.5AI score0.00885EPSS
Exploits0References8
Amazon
Amazon
added 2026/04/30 12:0 a.m.5 views

Medium: openssl-snapsafe

Issue Overview: NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NULL dereference when processing CMS KeyTransportRecipientInfo...

7.5CVSS5.3AI score0.00885EPSS
Exploits0
Rows per page
Query Builder