Lucene search
K

23343 matches found

OSV
OSV
added 2026/04/27 6:33 p.m.10 views

JLSEC-2026-240 Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty...

Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misl...

5.3CVSS6.8AI score0.00525EPSS
Exploits0References10
OSV
OSV
added 2026/04/27 6:33 p.m.13 views

JLSEC-2026-228 The c_rehash script does not properly sanitise shell metacharacters to prevent command injection....

The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the...

9.8CVSS6.9AI score0.83223EPSS
Exploits5References26
OSV
OSV
added 2026/04/27 6:33 p.m.19 views

JLSEC-2026-227 openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates

The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

7.5CVSS6.7AI score0.70561EPSS
Exploits2References49
OSV
OSV
added 2026/04/27 6:33 p.m.9 views

JLSEC-2026-236 Applications that use a non-default option when verifying certificates may be vulnerable to an...

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...

5.3CVSS6.3AI score0.01583EPSS
Exploits0References12
OSV
OSV
added 2026/04/27 6:33 p.m.9 views

JLSEC-2026-246 Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact...

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

5.9CVSS6.6AI score0.02303EPSS
Exploits0References9
OSV
OSV
added 2026/04/27 6:33 p.m.8 views

JLSEC-2026-224 SM2 Decryption Buffer Overflow

In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...

9.8CVSS7.2AI score0.87816EPSS
Exploits1References26
OSV
OSV
added 2026/04/27 6:33 p.m.10 views

JLSEC-2026-244 Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH...

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...

5.3CVSS6.4AI score0.04459EPSS
Exploits0References13
OSV
OSV
added 2026/04/27 6:33 p.m.14 views

JLSEC-2026-215 OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include...

OpenSSL 1.1.1 introduced a rewritten random number generator RNG. This was intended to include protection in the event of a fork system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A...

5.3CVSS6.3AI score0.06232EPSS
Exploits0References25
OSV
OSV
added 2026/04/27 1:36 p.m.11 views

CLSA-2026-1777297012 openssl: Fix of 3 CVEs

CVE-2026-28388: fix NULL dereference in checkdeltabase when a Delta CRL lacks the CRL Number extension - CVE-2026-28389: fix NULL dereference in dh/ecdhcmssetsharedinfo when KeyEncryptionAlgorithmIdentifier has no parameters field - CVE-2026-28390: fix NULL dereference in rsacmsdecrypt when the...

7.5CVSS7.2AI score0.00885EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/27 10:15 a.m.7 views

pyOpenSSL: DTLS cookie callback buffer overflow

A flaw was found in pyOpenSSL. The setcookiegeneratecallback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a...

9.8CVSS4.9AI score0.00704EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-41678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrapkey contains an incorrect assertion: it checks that...

9.8CVSS5.9AI score0.00294EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-41898

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind...

9.8CVSS6AI score0.00412EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-41681

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVPDigestFinal always writes EVPMDCTXsizectx to the ou...

9.8CVSS5.8AI score0.00373EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-41676

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.l...

9.8CVSS5.9AI score0.00298EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-41677

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the frompemcallback APIs did not validate the length...

9.1CVSS5.9AI score0.00294EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.27 views

RHEL 8 : RHUI 4.11.4 security update - python-pyOpenSSL (Important) (RHSA-2026:10754)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:10754 advisory. Red Hat Update Infrastructure RHUI provides a highly scalable and redundant framework for managing repositories and content. It also allows cloud...

9.8CVSS5AI score0.00704EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/25 12:14 p.m.5 views

CVE-2026-41676

A flaw was found in rust-openssl, a library that provides cryptographic functionalities by binding to OpenSSL. When interacting with OpenSSL 1.1.x, the Deriver::derive function does not correctly manage buffer sizes during key derivation operations. This oversight can lead to a memory overflow,...

9.8CVSS5.2AI score0.00298EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/25 12:14 p.m.8 views

CVE-2026-41681

A flaw was found in rust-openssl, a library providing OpenSSL bindings for the Rust programming language. The EVPDigestFinal function, used for cryptographic hashing, can write past the end of its intended output buffer if the buffer is too small. This out-of-bounds write can corrupt the program'...

9.8CVSS5.5AI score0.00373EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/25 11:54 a.m.9 views

CVE-2026-41898

A flaw was found in rust-openssl, a library providing OpenSSL bindings for the Rust programming language. Foreign Function Interface FFI trampolines in several SslContextBuilder callbacks did not properly validate the size of data returned by user-defined closures before passing it to OpenSSL. Th...

9.8CVSS6AI score0.00412EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/25 11:54 a.m.13 views

CVE-2026-41678

A flaw was found in rust-openssl, a library providing OpenSSL bindings for the Rust programming language. A remote attacker could exploit an incorrect assertion in the aes::unwrapkey function. This flaw causes the function to incorrectly validate buffer sizes, allowing a smaller output buffer tha...

9.8CVSS6AI score0.00294EPSS
Exploits0References2
Rows per page
Query Builder