Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2024/03/25 12:0 a.m.31 views

Siemens SIMATIC and SCALANCE Products Encryption Strength (CVE-2023-0215)

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...

7.5CVSS7.7AI score0.04494EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2023/06/09 12:0 a.m.30 views

EulerOS 2.0 SP5 : shim (EulerOS-SA-2023-2169)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to...

7.5CVSS7.7AI score0.04494EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/20 12:0 a.m.53 views

AlmaLinux 8 : edk2 (ALSA-2023:2932)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2932 advisory. - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a...

7.5CVSS7.9AI score0.59501EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/04/13 12:0 a.m.44 views

EulerOS 2.0 SP8 : openssl (EulerOS-SA-2023-1602)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a netwo...

7.5CVSS7.9AI score0.59501EPSS
Exploits0References5
Cloud Foundry
Cloud Foundry
added 2023/02/24 12:0 a.m.42 views

USN-5845-1: OpenSSL vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in...

7.5CVSS8.5AI score0.59501EPSS
Exploits0
Cvelist
Cvelist
added 2023/02/08 7:3 p.m.25 views

CVE-2023-0215 Use-after-free following BIO_new_NDEF

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...

7.9AI score0.04494EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/02/08 12:0 a.m.56 views

SUSE SLES12: libopenssl-1_0_0-devel / libopenssl-1_0_0-devel-32bit / etc (SUSE-SU-2023:0306-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0306-1 advisory. - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERALNAMEcmp for x400Address bsc1207533. - CVE-2023-0215: Fixed...

7.5CVSS7.1AI score0.59501EPSS
Exploits0References11
Ubuntu
Ubuntu
added 2023/02/07 8:6 p.m.83 views

USN-5845-2: OpenSSL vulnerabilities

USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this...

7.5CVSS8.1AI score0.59501EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2023/02/07 5:28 p.m.60 views

CVE-2023-0215

A use-after-free vulnerability was found in OpenSSL's BIOnewNDEF function. The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be...

7.5CVSS6.7AI score0.04494EPSS
Exploits0References4
OSV
OSV
added 2023/02/07 5:24 p.m.3 views

USN-5845-1 openssl1.0 vulnerabilities

David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. CVE-2023-0286 Octavio Galland and Marcel Böhme discovered that OpenSS...

7.5CVSS6.9AI score0.59501EPSS
Exploits0References3
RustSec
RustSec
added 2023/02/07 12:0 p.m.43 views

Use-after-free following `BIO_new_NDEF`

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...

7.5CVSS6.6AI score0.04494EPSS
Exploits0Affected Software1
Rows per page
Query Builder