Lucene search
K

7 matches found

NVD
NVD
added 2026/01/27 4:16 p.m.8 views

CVE-2025-69420

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...

7.5CVSS0.00768EPSS
Exploits1References7
OSV
OSV
added 2026/01/27 4:16 p.m.4 views

ALPINE-CVE-2025-69420

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...

7.5CVSS5.9AI score0.00768EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 4:16 p.m.5 views

ALPINE-CVE-2025-69419

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

7.4CVSS6AI score0.00444EPSS
Exploits1References1
CVE
CVE
added 2026/01/27 4:1 p.m.62 views

CVE-2025-69421

CVE-2025-69421 is a vulnerability in OpenSSL where a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function can crash applications that process malformed PKCS#12 files, causing Denial of Service. The issue arises because oct is not checked for NULL before dereferencing it when PKCS...

7.5CVSS6.2AI score0.00844EPSS
Exploits1References7Affected Software1
AlpineLinux
AlpineLinux
added 2026/01/27 4:1 p.m.4 views

CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

9.8CVSS8.8AI score0.47621EPSS
Exploits7References39
OSV
OSV
added 2024/04/25 7:15 a.m.1 views

DEBIAN-CVE-2023-6237

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

5.9CVSS6.6AI score0.02303EPSS
Exploits0References1
OSV
OSV
added 2014/10/19 1:55 a.m.7 views

UBUNTU-CVE-2014-3568

OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23clnt.c and s23srvr.c...

4.3CVSS6.7AI score0.13976EPSS
Exploits0References3
Rows per page
Query Builder