Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5 matches found

OSV
OSVadded 2023/02/08 10:22 p.m.41 views

GHSA-V5W6-WCM8-JM4Q openssl-src contains Double free after calling `PEM_read_bio_ex`

The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" e.g. "CERTIFICATE", any header data and the payload data. If the function succeeds then the "nameout", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...

7.5CVSS7.8AI score0.00147EPSS
Exploits0References7
NVD
NVDadded 2023/02/08 8:15 p.m.18 views

CVE-2022-4450

The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" e.g. "CERTIFICATE", any header data and the payload data. If the function succeeds then the "nameout", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...

7.5CVSS7.9AI score0.00147EPSS
Exploits0References5
CVE
CVEadded 2023/02/08 7:4 p.m.883 views

CVE-2022-4450

Summary (CVE-2022-4450): OpenSSL’s PEM_read_bio_ex() and wrappers PEM_read_bio()/PEM_read() are vulnerable. If a PEM file is crafted to trigger a 0-byte payload, PEM_read_bio_ex() may return a failure while its header buffer has already been freed; freeing that buffer again can cause a use-after-...

7.5CVSS8AI score0.00147EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessusadded 2023/02/08 12:0 a.m.49 views

Amazon Linux 2 : openssl11 (ALAS-2023-1934)

The version of openssl11 installed on the remote host is prior to 1.1.1g-12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1934 advisory. A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover ...

7.5CVSS7.7AI score0.88334EPSS
Exploits0References10
UbuntuCve
UbuntuCveadded 2023/02/07 12:0 a.m.35 views

CVE-2022-4450

The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" e.g. "CERTIFICATE", any header data and the payload data. If the function succeeds then the "nameout", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...

7.5CVSS7.2AI score0.00147EPSS
Exploits0References5
Rows per page
Query Builder