Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Snyk
Snykadded 2026/01/27 4:49 p.m.3 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the openssl dgst command-line tool, which silently truncates input data to 16MB when using one-shot signing algorithms. Signatures for payloads larger than 16MB may appear to be valid...

6.3CVSS5.9AI score0.00176EPSS
Exploits1References2
Snyk
Snykadded 2025/09/30 11:59 p.m.7 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to a missing NULL byte termination after strncpy call. An attacker can cause a crash and disrupt application availability by triggering an out-of-bounds read if API functions of OpenSSL HTTP client are used while...

6.5CVSS6.4AI score0.02046EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2023/02/15 3:49 a.m.2 views

SUSE CVE-2021-3450

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4CVSS7.2AI score0.18339EPSS
Exploits1References13
OSV
OSVadded 2021/02/16 5:15 p.m.1 views

DEBIAN-CVE-2021-23840

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

7.5CVSS6.3AI score0.50732EPSS
Exploits0References1
ArchLinux
ArchLinuxadded 2020/12/16 12:0 a.m.100 views

[ASA-202012-24] openssl: denial of service

Arch Linux Security Advisory ASA-202012-24 ========================================== Severity: High Date : 2020-12-16 CVE-ID : CVE-2020-1971 Package : openssl Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1335 Summary ======= The package openssl before version...

5.9CVSS0.4AI score0.06968EPSS
Exploits3References4
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/17 3:0 p.m.37 views

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Netcool/Reporter (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Netcool/Reporter. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this...

5CVSS0.7AI score0.74006EPSS
Exploits0Affected Software1
GithubExploit
GithubExploitadded 2014/04/08 9:19 a.m.3 views

Exploit for Out-of-bounds Read in Openssl

patch-openssl-CVE-2014-0160 =========================== Patch o...

7.5CVSS7AI score0.99999EPSS
Exploits87
Rows per page
Query Builder