20 matches found

Vulnrichment
added 2026/04/05 7:45 a.m., 3 views

CVE-2026-5549 Tenda AC10 RSA 2048-bit Private Key privkeySrv.pem hard-coded key

A vulnerability was determined in Tenda AC10 16.03.10.10multiTDE01. Affected by this issue is some unknown functionality of the file /webrootro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key. The atta...

CVSS 6.9 | AI score 5.8 | EPSS 0.00056
Exploits: 0 | References: 5

Tenable Nessus
added 2023/08/31 12:0 a.m., 27 views

FreeBSD : FreeBSD -- Multiple vulnerabilities in OpenSSL (c8eb4c40-47bd-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c8eb4c40-47bd-11ee-8e38-002590c1f29c advisory. - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could ...

CVSS 7.5 | AI score 7.9 | EPSS 0.88334
Exploits: 0 | References: 5

Tenable Nessus
added 2023/07/28 12:0 a.m., 34 views

EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2023-2489)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext...

CVSS 7.5 | AI score 7.6 | EPSS 0.88334
Exploits: 0 | References: 8

RedHat Linux
added 2023/06/05 4:29 p.m., 4 views

openssl: double free after calling PEM_read_bio_ex

A double-free vulnerability was found in OpenSSL's PEM_read_bio_ex function. The function PEM_read_bio_ex reads a PEM file from a BIO and parses and decodes the "name" (for example, "CERTIFICATE"), any header data, and the payload data. If the function succeeds, then the "name_out," "header," and "data"...

CVSS 7.5 | AI score 6.6 | EPSS 0.00147
Exploits: 0 | References: 5

Tenable Nessus
added 2023/03/23 12:0 a.m., 50 views

AlmaLinux 8 : openssl (ALSA-2023:1405)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:1405 advisory. - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a...

CVSS 7.5 | AI score 7.9 | EPSS 0.88334
Exploits: 0 | References: 5

SUSE CVE
added 2023/02/15 5:35 a.m., 3 views

SUSE CVE-2013-5018

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation fault) via a (1) XAuth username, (2) EAP identity, or (3) PEM encoded file that starts with a 0x04, 0x30,...

CVSS 4.3 | AI score 6.9 | EPSS 0.02902
Exploits: 1 | References: 6

Github Security Blog
added 2023/02/09 7:31 p.m., 13 views

bottlerocket dependency openssl has a double free vulnerability

A double-free vulnerability exists in OpenSSL where it is possible to construct a malicious PEM file that has 0 bytes of payload data. This then points to data that has already been freed in memory which, when freed again, leads to a crash. Agents or clients compiled with OpenSSL may crash...

AI score 3.6
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2023/02/09 7:31 p.m., 21 views

GHSA-3WXX-JXWC-MG39 bottlerocket dependency openssl has a double free vulnerability

A double-free vulnerability exists in OpenSSL where it is possible to construct a malicious PEM file that has 0 bytes of payload data. This then points to data that has already been freed in memory which, when freed again, leads to a crash. Agents or clients compiled with OpenSSL may crash...

AI score 7
Exploits: 0 | References: 5

NVD
added 2023/02/08 8:15 p.m., 19 views

CVE-2022-4450

The function PEM_read_bio_ex reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...

CVSS 7.5 | AI score 7.9 | EPSS 0.00147
Exploits: 0 | References: 5

CVE
added 2023/02/08 7:4 p.m., 888 views

CVE-2022-4450

Summary (CVE-2022-4450): OpenSSL’s PEM_read_bio_ex() and wrappers PEM_read_bio()/PEM_read() are vulnerable. If a PEM file is crafted to trigger a 0-byte payload, PEM_read_bio_ex() may return a failure while its header buffer has already been freed; freeing that buffer again can cause a use-after-...

CVSS 7.5 | AI score 8 | EPSS 0.00147
Exploits: 0 | References: 5 | Affected Software: 1

AlpineLinux
added 2023/02/08 7:4 p.m., 88 views

CVE-2022-4450

The function PEM_read_bio_ex reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...

CVSS 7.5 | AI score 8.2 | EPSS 0.00147
Exploits: 0

Tenable Nessus
added 2023/02/07 12:0 a.m., 84 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : OpenSSL vulnerabilities (USN-5844-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5844-1 advisory. David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this...

CVSS 7.5 | AI score 7.8 | EPSS 0.88334
Exploits: 0 | References: 9

OpenVAS
added 2022/04/27 12:0 a.m., 25 views

SUSE: Security Advisory (SUSE-SU-2022:1411-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 10 | EPSS 0.00179
Exploits: 1 | References: 2

Cvelist
added 2021/07/14 12:47 p.m., 12 views

CVE-2021-24116

In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped,...

AI score 5.1 | EPSS 0.00251
Exploits: 0 | References: 2

Tenable Nessus
added 2019/03/27 12:0 a.m., 36 views

openSUSE Security Update : openssl-1_1 (openSUSE-2019-751)

This update for openssl-1_1 to 1.1.0i fixes the following issues : These security issues were fixed : - CVE-2018-0732: During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an...

CVSS 7.5 | AI score 6.1 | EPSS 0.78382
Exploits: 0 | References: 3

ATTACKERKB
added 2018/11/09 12:0 a.m., 38 views

CVE-2018-19131

Squid before 4.4 has XSS via a crafted X.509 certificate during HTTPS error page generation for certificate errors. Recent assessments: travisbgreen at April 21, 2020 10:49pm UTC reported: Bottom line: The commonName property of the certificate that signs the “failed to connect securely” error pa...

CVSS 6.1 | AI score 0.5 | EPSS 0.10782
Exploits: 1 | References: 4

OPENSUSE Linux
added 2018/10/05 12:8 p.m., 104 views

Security update for openssl-1_1 (moderate)

This update for openssl-1_1 to 1.1.0i fixes the following issues: These security issues were fixed: - CVE-2018-0732: During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an...

CVSS 5 | AI score 0.8 | EPSS 0.78382
Exploits: 0 | References: 2

Citrix
added 2018/09/28 12:0 a.m., 6 views

After importing a certificate PEM file with more than one CERTIFICATE section, you cannot access the management console

You have a PEM file which contains a PRIVATE KEY section, and more than one CERTIFICATE section. The additional CERTIFICATE sections are for other root certificate authorities. In the Management Console, you go to Settings and Configuration, and upload the certificate. Once that completes, the...

AI score 7.1
Exploits: 0

RedHat Linux
added 2015/03/30 7:58 a.m., 1 views

openssl: integer underflow leading to buffer overflow in base64 decoding

An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input such as a PEM file could use this flaw to cause the application to...

CVSS 7.5 | AI score 6.9 | EPSS 0.0654
Exploits: 1 | References: 6

Tenable Nessus
added 2010/05/11 12:0 a.m., 23 views

RHEL 5 : curl (RHSA-2010:0273)

Updated curl packages that fix one security issue, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a...

CVSS 6.8 | AI score 7.5 | EPSS 0.0548
Exploits: 0 | References: 3