Lucene search
K

15 matches found

Redos
Redos
added 2026/04/20 12:0 a.m.7 views

ROS-20260420-73-0014

A vulnerability in the PKCS7digestfromattributes function of the OpenSSL library is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.3CVSS7.1AI score0.00502EPSS
Exploits1
Redos
Redos
added 2026/04/20 12:0 a.m.7 views

ROS-20260420-73-0015

A vulnerability in the PKCS7digestfromattributes function of the OpenSSL library is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.3CVSS7.1AI score0.00502EPSS
Exploits1
Amazon
Amazon
added 2026/02/19 12:0 a.m.11 views

Important: edk2

Issue Overview: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths,...

7.5CVSS5.7AI score0.00844EPSS
Exploits1
Amazon
Amazon
added 2026/02/19 12:0 a.m.11 views

Important: openssl-snapsafe

Issue Overview: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. CVE-2025-68160 A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TY...

7.5CVSS5.7AI score0.00844EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/02/14 12:0 a.m.4 views

SUSE SLES11: libopenssl1-devel / libopenssl1_0_0 / libopenssl1_0_0-32bit / etc (SUSE-SU-2026:0498-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0498-1 advisory. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69420: Missing ASN1TYPE validation in...

7.5CVSS6.7AI score0.00844EPSS
Exploits1References13
OSV
OSV
added 2026/02/12 2:47 p.m.6 views

SUSE-SU-2026:20349-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS7.4AI score0.47621EPSS
Exploits7References17
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.6 views

SUSE SLES15: libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-32bit / etc (SUSE-SU-2026:0359-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0359-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in...

7.5CVSS6.7AI score0.00844EPSS
Exploits1References22
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.5 views

SUSE SLES12: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2026:0358-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0358-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyrespon...

7.5CVSS6.8AI score0.00844EPSS
Exploits1References22
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.5 views

SUSE SLES12: libopenssl-1_0_0-devel / libopenssl-1_0_0-devel-32bit / etc (SUSE-SU-2026:0333-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0333-1 advisory. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69420: Missing ASN1TYPE validation in...

7.5CVSS6.7AI score0.00844EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.5 views

SUSE SLES15: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2026:0346-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0346-1 advisory. - CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. - CVE-2025-69420: Missing ASN1TYPE...

7.5CVSS6.8AI score0.00844EPSS
Exploits1References22
SUSE Linux
SUSE Linux
added 2026/01/29 6:34 p.m.8 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-22795: Missing ASN1TYPE validation in PKCS12 parsing bsc1256839. CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. CVE-2025-69421: NULL Pointer Dereference in PKCS12itemdecryptd2iex function...

6.9CVSS5.9AI score0.00844EPSS
Exploits1References28
OSV
OSV
added 2026/01/29 8:16 a.m.2 views

SUSE-SU-2026:0333-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. - CVE-2025-69421: NULL Pointer Dereference in...

7.5CVSS5.8AI score0.00844EPSS
Exploits1References9
OSV
OSV
added 2026/01/28 9:37 a.m.7 views

SUSE-SU-2026:0312-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS6.1AI score0.47621EPSS
Exploits7References17
OSV
OSV
added 2026/01/28 9:37 a.m.5 views

SUSE-SU-2026:0311-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

9.8CVSS6.1AI score0.47621EPSS
Exploits7References17
UbuntuCve
UbuntuCve
added 2026/01/27 12:0 a.m.7 views

CVE-2026-22796

Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS7 data where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS7 data. Impact summary: An application...

5.3CVSS6.7AI score0.00502EPSS
Exploits1References3
Rows per page
Query Builder