Lucene search
+L

9 matches found

OSV
OSV
added 2026/04/25 5:49 a.m.10 views

OESA-2026-2042 openssl security update

Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of...

9.8CVSS6.8AI score0.01059EPSS
Exploits0References7
OSV
OSV
added 2026/04/25 5:49 a.m.8 views

OESA-2026-2041 openssl security update

Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of...

9.8CVSS6.8AI score0.01059EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/09 8:50 a.m.2 views

openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

A flaw was found in OpenSSL. An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. This vulnerability could lead to data corruption, applicati...

8.1CVSS7.1AI score0.00755EPSS
Exploits0References5
OSV
OSV
added 2026/04/07 10:0 p.m.1 views

CVE-2026-28387 Potential Use-after-free in DANE Client Code

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

8.1CVSS7.4AI score0.00755EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/04/07 10:0 p.m.32 views

CVE-2026-28387 Potential Use-after-free in DANE Client Code

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

0.00755EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-28387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may...

8.1CVSS8.2AI score0.00755EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.9 views

OpenSSL 安全漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

8.1CVSS7.5AI score0.00755EPSS
Exploits0References6
OSV
OSV
added 2026/04/07 12:0 a.m.5 views

UBUNTU-CVE-2026-28387

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

8.1CVSS6.2AI score0.00755EPSS
Exploits0References5
OSV
OSV
added 2024/07/22 2:33 p.m.25 views

GHSA-CFXW-4H78-H7FW DNSJava DNSSEC Bypass

Summary Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. Details DNS Messages are not authenticated. They do not guarantee that - received RRs are authentic - not received RRs do not exist - all or any received...

8.9CVSS8.3AI score0.00392EPSS
Exploits0References4
Rows per page
Query Builder