Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2026/06/09 5:17 p.m.6 views

ALPINE-CVE-2026-42766

Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is define...

5.9CVSS5.4AI score0.00595EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/09 4:3 p.m.37 views

CVE-2026-45446 Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's...

0.0021EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2024/08/20 4:11 p.m.2 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
Tenable Nessus
Tenable Nessusadded 2023/08/24 12:0 a.m.42 views

Amazon Linux 2023 : openssl, openssl-devel, openssl-libs (ALAS2023-2023-306)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-306 advisory. Issue summary: The AES-SIV cipher implementation contains a bug that causesit to ignore empty associated data entries which are unauthenticated asa consequence. Impact summary: Applications tha...

5.3CVSS6.7AI score0.05533EPSS
Exploits0References8
RedHat Linux
RedHat Linuxadded 2023/02/28 8:22 a.m.5 views

openssl: timing attack in RSA Decryption implementation

A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages...

5.9CVSS6.7AI score0.16195EPSS
Exploits0References5
OSV
OSVadded 2021/08/31 11:15 a.m.1 views

CVE-2021-34581

Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device...

7.5CVSS7.1AI score0.01022EPSS
Exploits0References1
securityvulns
securityvulnsadded 2015/03/21 12:0 a.m.128 views

Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security

-= Advanced Information Security Corporation =- ------------------------------------------------------------------------ Author: Nicholas Lemonias Type: Security Audit Notes Date: 17/3/2015 Email: lem.nikolas at gmail dot com Audit: OpenSSL v1.0.2 22nd of January, 2015 Release...

7.2AI score
Exploits0
Rows per page
Query Builder