Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.10 views

MiracleLinux 8 : openssl-1.1.1k-16.el8_6 (AXSA:2026-792:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-792:09 advisory. openssl: Use After Free with SSLfreebuffers CVE-2024-4741 openssl: Heap Use-After-Free in OpenSSL PKCS7verify CVE-2026-45447 Tenable has extracted th...

8.8CVSS6.9AI score0.02945EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/10/01 1:10 p.m.6 views

Security update for snpguest

This update for snpguest fixes the following issues: CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect hostname comparisons and incorrect URL parsing bsc1243869. CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch...

6.3CVSS7AI score0.00486EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/09/24 12:0 a.m.2 views

SUSE SLES15 / openSUSE 15 Security Update : sevctl (SUSE-SU-2025:03307-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03307-1 advisory. - CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. bsc1243860 - CVE-2025-3416:...

8.8CVSS5.2AI score0.00486EPSS
Exploits1References7
OSV
OSV
added 2025/09/17 11:34 a.m.3 views

SUSE-SU-2025:20783-1 Security update for sevctl

This update for sevctl fixes the following issues: - CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch bsc1242618 - CVE-2024-12224: idna: Fixed Punycode improper validation bsc1243860...

8.8CVSS5.8AI score0.00486EPSS
Exploits1References5
OSV
OSV
added 2025/09/12 8:47 a.m.3 views

SUSE-SU-2025:20716-1 Security update for sevctl

This update for sevctl fixes the following issues: - CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch bsc1242618 - CVE-2024-12224: idna: Fixed Punycode labels not producing any non-ASCII when decode bsc1243860...

8.8CVSS5.8AI score0.00486EPSS
Exploits1References5
OSV
OSV
added 2025/08/15 12:51 p.m.3 views

SUSE-SU-2025:02809-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344...

8.8CVSS5.8AI score0.01121EPSS
Exploits2References14
Hacker One
Hacker One
added 2025/07/22 12:42 p.m.10 views

curl: Use after free (or assert triggered) with failed allocations in openssl

Summary: summary of the vulnerability A heap use after free or assertion can be triggered if some allocations fail I am not sure you consider allocations failures to be part of security issues, and I am not sure the issue lies in curl or in openssl, but I still think you want something to be fixe...

6.9AI score
Exploits0
OSV
OSV
added 2025/05/22 4:4 p.m.3 views

SUSE-SU-2025:01662-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch when Some... value passed as properties argument to either function bsc1242631...

3.7CVSS5.6AI score0.00486EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/05/19 9:24 p.m.7 views

Security update for python-maturin

This update for python-maturin fixes the following issues: CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch when Some... value passed as properties argument to either function bsc1242631. CVE-2025-4574: crossbeam-channel: double-free leading to possible memory corruption in...

6.3CVSS5.6AI score0.00486EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/02/03 5:57 p.m.8 views

CVE-2025-24898 rust openssl ssl::select_next_proto use after free

rust-openssl is a set of OpenSSL bindings for the Rust programming language. In affected versions ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than th...

6.3CVSS6.6AI score0.0065EPSS
Exploits0References3
Rows per page
Query Builder