Lucene search
+L

23525 matches found

osv
osv
added 2 days ago5 views

MGASA-2026-0253 Updated openssl packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion. CVE-2026-7383 Out-of-Bounds Read in CMS Password-Based Decryption. CVE-2026-9076 Heap Buffer Over-read in ASN.1 Content Parsing. CVE-2026-34180 PKCS12 Files with PBMAC1 Are...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References8
osv
osv
added 2 days ago4 views

RLSA-2026:39297 Moderate: edk2 security, bug fix, and enhancement update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-31790 openssl: OpenSS...

7.5CVSS7AI score0.00981EPSS
Exploits0References3
rocky
rocky
added 2 days ago4 views

edk2 security, bug fix, and enhancement update

An update is available for edk2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list EDK Embedded Development Kit is a project to enable UEFI support for Virtual...

7.5CVSS7AI score0.00981EPSS
Exploits0
opensuse
opensuse
added 2 days ago3 views

Security update for go1.25-openssl (critical)

openSUSE security update: security update for go1.25-openssl ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21319-1 Rating: critical References: bsc1170826 bsc1244485 bsc1245878 bsc1256818 bsc1257692 bsc1259264 bsc1259265 bsc1259268 bsc1261653...

9.6CVSS6.8AI score0.00939EPSS
Exploits1References34
redhat
redhat
added 3 days ago4 views

openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

A flaw was found in openssl. Applications that use RSASVE key encapsulation, a method for securely exchanging encryption keys, may inadvertently expose sensitive data. This vulnerability arises when an application processes a malicious, invalid RSA public key provided by an attacker without prope...

7.5CVSS7AI score0.00981EPSS
Exploits0References5
redhat
redhat
added 3 days ago5 views

Moderate: Red Hat Security Advisory: edk2 security, bug fix, and enhancement update

An update for edk2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.1AI score0.00981EPSS
Exploits0References3
redhat
redhat
added 3 days ago4 views

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...

7.5CVSS6.9AI score0.00805EPSS
Exploits0References10
osv
osv
added 3 days ago3 views

SUSE-SU-2026:2977-1 Security update for afterburn

This update for afterburn fixes the following issues Update to version 5.10.0.git73.b97f772. Security issues fixed: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. - CVE-2026-41677: openssl: out-of-bounds read in PEM password...

9.8CVSS6.2AI score0.00559EPSS
Exploits1References19
osv
osv
added 3 days ago2 views

SUSE-SU-2026:2976-1 Security update for afterburn

This update for afterburn fixes the following issues Update to version 5.10.0.git73.b97f772. Security issues fixed: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. - CVE-2026-41677: openssl: out-of-bounds read in PEM password...

9.8CVSS6.2AI score0.00559EPSS
Exploits1References19
osv
osv
added 3 days ago2 views

SUSE-SU-2026:2975-1 Security update for afterburn

This update for afterburn fixes the following issues Update to version 5.10.0.git73.b97f772. Security issues fixed: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270175. - CVE-2026-41677: openssl: out-of-bounds read in PEM password...

9.8CVSS6.2AI score0.00559EPSS
Exploits1References19
osv
osv
added 3 days ago4 views

RHSA-2026:39012 Red Hat Security Advisory: compat-openssl11 security update

Bulletin has no description...

8.1CVSS6.1AI score0.02719EPSS
Exploits0References17
osv
osv
added 3 days ago4 views

RHSA-2026:39009 Red Hat Security Advisory: compat-openssl11 security update

Bulletin has no description...

8.1CVSS6.1AI score0.02719EPSS
Exploits0References17
osv
osv
added 3 days ago5 views

RLSA-2026:38503 Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing...

7.5CVSS6.1AI score0.00805EPSS
Exploits0References2
rocky
rocky
added 3 days ago4 views

openssl security update

An update is available for openssl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transpo...

7.5CVSS7AI score0.00805EPSS
Exploits0
nessus
nessus
added 3 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-58102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension...

9.1CVSS6.2AI score0.00222EPSS
Exploits0References3
nessus
nessus
added 3 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-58101

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER...

7.5CVSS6.1AI score0.00212EPSS
Exploits0References3
nessus
nessus
added 3 days ago4 views

openSUSE 16: apache2-mod_php8 / php8 / php8-bcmath / php8-bz2 / php8-calendar / etc (openSUSE-SU-2026:21308-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21308-1 advisory. This update for php8 fixes the following issues - Update to versio 8.4.23 - CVE-2026-14355: The AES-WRAP-PAD algorithm implementation in OpenSSL...

5.6CVSS6.2AI score0.00306EPSS
Exploits0References6
osv
osv
added 4 days ago3 views

DEBIAN-CVE-2026-58101

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and authatt dereference its result without a NULL check. keyiddata also dereferences akid-keyid,...

7.5CVSS6.1AI score0.00212EPSS
Exploits0References1
osv
osv
added 4 days ago5 views

DEBIAN-CVE-2026-58102

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...

9.1CVSS6.2AI score0.00222EPSS
Exploits0References1
nvd
nvd
added 4 days ago9 views

CVE-2026-58102

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...

9.1CVSS0.00222EPSS
Exploits0References2
Rows per page
Query Builder