Lucene search
K

35 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-55960

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative...

8.2CVSS6AI score0.00145EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.5 views

Astra Linux – Vulnerability in OpenSSL

Issue summary: Clients that use RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because the handshake does not abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS connections that use raw...

6.3CVSS6.7AI score0.02439EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.9 views

Oracle Business Intelligence Enterprise Edition (OAS 7.6) (October 2025 CPU)

The version of Oracle Business Intelligence Enterprise Edition OAS 7.6.0.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics...

8.7CVSS7.5AI score0.64718EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.9 views

Oracle Business Intelligence Enterprise Edition (OAS 8.2) (October 2025 CPU)

The version of Oracle Business Intelligence Enterprise Edition OAS 8.2.0.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics...

8.4CVSS7.5AI score0.64718EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51115

Malicious code in bioql PyPI...

6.3CVSS7.2AI score0.02439EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/29 2:55 p.m.6 views

Security Bulletin: OpenSSL 3.2 RPK Verification Bypass May Allow MITM Attacks in TLS/DTLS Connections, which affects IBM watsonx.data

Summary Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys may be...

6.3CVSS8.3AI score0.02439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/27 2:42 a.m.5 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in cryptography-44.0.0-cp37-abi3-macosx_10_9_universal2.whl

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of cryptography-44.0.0-cp37-abi3-macosx109universal2.whl Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the...

6.3CVSS7.6AI score0.02439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/26 5:49 p.m.8 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in cryptography-44.0.0-cp37-abi3-macosx_10_9_universal2.whl

Summary IBM Watson Discovery Cartridge contains a vulnerable version of cryptography-44.0.0-cp37-abi3-macosx109universal2.whl Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the serv...

6.3CVSS6.8AI score0.02439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/04 3:36 p.m.12 views

Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to a man-in-the-middle vulnerability in RFC7250 Raw Public Keys [CVE-2024-12797]

Summary IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to a man-in-the-middle vulnerability in RFC7250 Raw Public Keys RPKs, due to server authentication failure which is susceptible to man-in-the-middle attack CVE-2024-12797. RFC7250 Raw Public Keys are used in our Speech service...

6.3CVSS6.5AI score0.02439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/30 1:25 p.m.11 views

Security Bulletin: IBM Maximo Application Suite uses cryptography-44.0.0-cp39-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2024-12797.

Summary IBM Maximo Application Suite uses cryptography-44.0.0-cp39-abi3-manylinux228x8664.whl which is vulnerable to CVE-2024-12797. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients using...

6.3CVSS6.8AI score0.02439EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2025/05/06 3:46 p.m.12 views

K000151201: OpenSSL vulnerability CVE-2024-12797

Security Advisory Description Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS...

6.3CVSS6.7AI score0.02439EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/06 8:1 a.m.16 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to cryptography-43.0.1-cp37-abi3-manylinux_2_28_x86_64.whl CVE-2024-12797

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to cryptography-43.0.1-cp37-abi3-manylinux228x8664.whl CVE-2024-12797. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients...

6.3CVSS7AI score0.02439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/25 6:55 a.m.23 views

Security Bulletin: There is a vulnerability in cryptography-44.0.0-cp39-abi3-manylinux_2_28_x86_64.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-12797)

Summary There is a vulnerability in cryptography-44.0.0-cp39-abi3-manylinux228x8664.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server...

6.3CVSS6.5AI score0.02439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/17 10:14 a.m.23 views

Security Bulletin: IBM Maximo Application Suite - IoT uses cryptography-44.0.0-cp39-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2024-12797.

Summary IBM Maximo Application Suite - IoT uses cryptography-44.0.0-cp39-abi3-manylinux228x8664.whl which is vulnerable to CVE-2024-12797. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients...

6.3CVSS6.8AI score0.02439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/16 2:34 p.m.24 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients using...

8.8CVSS7.6AI score0.66594EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/03 7:29 p.m.20 views

Security Bulletin: IBM Maximo Application Suite - Predict Component vulnerable to authenticate a server may fail to notice that the server was not authenticated.

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component vulnerable to Clients that enable server-side raw public keys can still find out that raw public key verification. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

6.3CVSS6.6AI score0.02439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 6:0 p.m.19 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.10 LTS and 12.10.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

8.7CVSS7.5AI score0.02439EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/02/25 12:0 a.m.16 views

Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / openssl (CVE-2024-12797)

The version of cloud-hypervisor-cvm / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12797 advisory. - Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server M...

6.3CVSS7AI score0.02439EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/02/12 4:9 a.m.5 views

SUSE CVE-2024-12797

Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys m...

8.8CVSS7.9AI score0.02439EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/02/12 12:0 a.m.8 views

OpenSSL RPKs Vulnerability (20250211) - Windows

OpenSSL is prone to a vulnerability in the RFC7250 Raw Public Keys RPKs handshake. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.3CVSS6.2AI score0.02439EPSS
Exploits0References2
Rows per page
Query Builder