Lucene search
+L

17 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-58101

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3EXTd2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and authatt dereference its result without a NULL check. keyiddata also dereferences akid-keyid,...

7.5CVSS0.00212EPSS
Exploits0References2
OSV
OSV
added 2026/04/27 6:33 p.m.9 views

JLSEC-2026-276 Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads...

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

9.8CVSS6.5AI score0.00225EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/04/20 11:26 p.m.14 views

SUSE CVE-2026-31430

In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...

5.6AI score0.00081EPSS
Exploits0References3
NVD
NVD
added 2026/04/20 10:16 a.m.9 views

CVE-2026-31430

In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...

7.1CVSS0.00081EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/20 9:43 a.m.7 views

CVE-2026-31430

In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...

5.6AI score0.00081EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/04/20 9:43 a.m.40 views

CVE-2026-31430 X.509: Fix out-of-bounds access when parsing extensions

In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...

0.00081EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/04/08 11:26 p.m.12 views

SUSE CVE-2026-31789

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

7.3CVSS6.5AI score0.00225EPSS
Exploits0References20
Vulnrichment
Vulnrichment
added 2026/04/07 10:0 p.m.1 views

CVE-2026-31789 Heap Buffer Overflow in Hexadecimal Conversion

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

6.4AI score0.00225EPSS
Exploits0References6
OSV
OSV
added 2026/04/07 10:0 p.m.1 views

CVE-2026-31789 Heap Buffer Overflow in Hexadecimal Conversion

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

5.8CVSS7.5AI score0.00225EPSS
Exploits0References9
AlpineLinux
AlpineLinux
added 2026/04/07 10:0 p.m.4 views

CVE-2026-31789

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

9.8CVSS6.5AI score0.00225EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-31789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A...

9.8CVSS7.7AI score0.00225EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.48 views

OpenSSL 3.4.0 < 3.4.5 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.4.5. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.4.5 advisory. - Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit...

9.8CVSS8.6AI score0.01059EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2017/06/28 12:0 a.m.36 views

Debian DSA-3900-1 : openvpn - security update

Several issues were discovered in openvpn, a virtual private network application. - CVE-2017-7479 It was discovered that openvpn did not properly handle the rollover of packet identifiers. This would allow an authenticated remote attacker to cause a denial-of-service via application crash. -...

7.5CVSS7.2AI score0.04759EPSS
Exploits0References12
Debian
Debian
added 2017/06/27 7:51 p.m.39 views

[SECURITY] [DSA 3900-1] openvpn security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3900-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 27, 2017 https://www.debian.org/security/faq -...

5CVSS3.3AI score0.04759EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/06/23 12:0 a.m.50 views

Ubuntu 14.04 LTS / 16.04 LTS : OpenVPN vulnerabilities (USN-3339-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3339-1 advisory. Karthikeyan Bhargavan and Gatan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker could...

9.8CVSS7.3AI score0.0594EPSS
Exploits0References7
Ubuntu
Ubuntu
added 2017/06/22 6:2 p.m.111 views

USN-3339-1: OpenVPN vulnerabilities

Karthikeyan Bhargavan and Gaëtan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker could possibly use this issue to recover cleartext data. Fixing this issue requires a configuration change to switch to a different cipher. This update adds a warni...

7.5CVSS7.2AI score0.0594EPSS
Exploits0
OSV
OSV
added 2017/06/22 6:2 p.m.5 views

USN-3339-1 openvpn vulnerabilities

Karthikeyan Bhargavan and Gaëtan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker could possibly use this issue to recover cleartext data. Fixing this issue requires a configuration change to switch to a different cipher. This update adds a warni...

7.5CVSS7AI score0.0594EPSS
Exploits0References6
Rows per page
Query Builder