Skip to main content

OpenSSL

436 CVEs product

Monthly

CVE-2026-33896 npm CRITICAL PATCH Act Now

Certificate chain spoofing in node-forge (npm) <= 1.3.3 lets an attacker present any non-CA leaf certificate as a trusted intermediate CA, because pki.verifyCertificateChain() skips RFC 5280 basicConstraints enforcement when a certificate carries neither the basicConstraints nor the keyUsage extension. An attacker holding such a leaf certificate can sign certificates for arbitrary identities and have node-forge accept the forged chain, defeating authentication for any application relying on it for custom PKI, S/MIME, PKCS#7, or device-certificate validation. Rated CVSS 9.1 by the reporter and fixed in 1.4.0; publicly available exploit code exists (full PoC in the GHSA), but EPSS is only 0.02% and it is not on CISA KEV.

Microsoft Buffer Overflow OpenSSL
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-33895 npm HIGH PATCH This Week

The digitalbazaar/forge npm package accepts forged Ed25519 signatures due to missing scalar canonicalization checks, allowing authentication and authorization bypass in applications that rely on signature uniqueness. All versions since Ed25519 implementation are affected (confirmed through version 1.3.3), identified as pkg:npm/node-forge. Publicly available exploit code exists with a complete proof-of-concept demonstrating how attackers can create multiple valid signatures for the same message by adding the group order L to the scalar component S, bypassing deduplication, replay protection, and signed-object canonicalization checks. The vendor has released a patch via commit bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85.

Node.js Canonical OpenSSL Authentication Bypass Jwt Attack
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33894 npm HIGH PATCH GHSA This Week

Signature forgery in node-forge npm package (all versions through v1.3.3) allows remote attackers to bypass RSASSA PKCS#1 v1.5 signature verification for RSA keys using low public exponent (e=3). Attackers can construct Bleichenbacher-style forged signatures by injecting malicious ASN.1 content within DigestInfo structures and exploiting missing padding length validation, enabling authentication bypass in systems relying on forge for cryptographic verification. Proof-of-concept code demonstrates successful forgery against forge while OpenSSL correctly rejects the same signature. CVSS score 7.5 (High) with network attack vector, low complexity, and no privileges required. No public exploit identified at time of analysis beyond the research POC.

Node.js OpenSSL Canonical Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-27602 PyPI HIGH PATCH This Week

Modoboa, an open-source mail server management platform, contains a command injection vulnerability in its subprocess execution handler that allows authenticated Reseller or SuperAdmin users to execute arbitrary operating system commands. A proof-of-concept exploit exists demonstrating how shell metacharacters in domain names can achieve code execution, typically as root in standard deployments. The vulnerability affects modoboa versions up to and including 2.7.0, with patches available in version 2.7.1.

Python Command Injection OpenSSL
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-33505 Go HIGH PATCH This Week

Ory Keto, an open-source authorization service, contains a SQL injection vulnerability in its GetRelationships API due to insecure pagination token handling. Attackers who know or can exploit the default hard-coded pagination encryption secret can craft malicious tokens to execute arbitrary SQL queries. The CVSS score of 7.2 reflects high privileges required (PR:H), though the actual risk is elevated when default secrets remain unchanged in production deployments.

SQLi OpenSSL Suse
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-33504 Go HIGH PATCH This Week

Ory Hydra, an OAuth 2.0 and OpenID Connect provider, contains a SQL injection vulnerability in three admin APIs (listOAuth2Clients, listOAuth2ConsentSessions, listTrustedOAuth2JwtGrantIssuers) due to insecure pagination token handling. Attackers who know the pagination secret can craft malicious encrypted tokens to execute arbitrary SQL queries. The CVSS score of 7.2 requires high privileges (PR:H), but successful exploitation grants full database access with high confidentiality, integrity, and availability impact.

SQLi OpenSSL Suse
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-33503 Go HIGH PATCH This Week

Ory Kratos, an open-source identity and user management system, contains a SQL injection vulnerability in its ListCourierMessages Admin API through malicious pagination tokens. Attackers who know or can exploit the default pagination encryption secret can craft tokens to execute arbitrary SQL queries against the backend database. The vulnerability requires high privileges (PR:H) but is network-exploitable (AV:N) with low complexity (AC:L), scoring CVSS 7.2.

SQLi OpenSSL Suse
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-27459 PyPI HIGH PATCH This Week

Buffer overflow in pyOpenSSL's cookie generation callback allows attackers to corrupt memory and potentially achieve remote code execution by supplying oversized cookie values exceeding 256 bytes. The vulnerability affects applications using custom cookie callbacks with OpenSSL integration, where insufficient length validation permits writing beyond allocated buffer boundaries. A patch is available that implements proper cookie size validation.

OpenSSL Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
7.2
EPSS
0.0%
CVE-2026-2673 MEDIUM POC PATCH CISA This Month

OpenSSL and Microsoft products using the 'DEFAULT' keyword in TLS 1.3 key exchange group configurations may negotiate weaker cryptographic groups than intended, allowing network-based attackers to potentially downgrade the security of encrypted connections without authentication or user interaction. This affects servers that combine default group lists with custom configurations, particularly impacting hybrid post-quantum key exchange implementations where clients defer group selection. A patch is available to remediate this high-severity confidentiality risk.

OpenSSL Information Disclosure Microsoft
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
Threat
4.8
CVE-2026-24695 HIGH This Week

Remote code execution in XWEB Pro firmware versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary commands by injecting malicious input into OpenSSL parameter fields. An attacker with valid credentials can exploit this command injection vulnerability through the utility route to gain complete system compromise. No patch is currently available for affected XWEB 500b Pro and 300d Pro devices.

OpenSSL TLS RCE Command Injection Xweb 500b Pro Firmware +2
NVD GitHub
CVSS 3.1
8.0
EPSS
0.3%
CVE-2026-23229 MEDIUM PATCH CISA This Month

The Linux kernel's virtio-crypto driver lacks proper synchronization when handling virtqueue notifications from multiple processes, causing data corruption and system hangs when processing cryptographic operations concurrently. Local attackers with user privileges can trigger denial of service by running parallel crypto workloads, as demonstrated through multi-process OpenSSL benchmarks that expose race conditions in the virtcrypto_done_task() handler. No patch is currently available for this medium-severity vulnerability affecting systems running virtio-crypto with builtin backends.

Linux OpenSSL Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-1357 CRITICAL POC Act Now

Unauthenticated arbitrary file upload in WPvivid Backup & Migration WordPress plugin. EPSS 0.44%.

WordPress PHP OpenSSL RCE Path Traversal
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2026-25892 PHP HIGH POC PATCH This Week

Adminer versions 5.4.1 and earlier suffer from a post-message validation bypass that allows remote attackers to trigger denial of service affecting all users. By sending a crafted POST request with array parameters to the version endpoint, an attacker can cause openssl_verify() to receive malformed input, resulting in a TypeError that crashes the application and returns HTTP 500 errors. Public exploit code exists for this vulnerability; administrators should upgrade to version 5.4.2 immediately.

PHP OpenSSL Adminer Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%
CVE-2026-22796 MEDIUM PATCH This Month

OpenSSL's PKCS#7 signature verification fails to validate ASN1_TYPE union members before access, allowing attackers to trigger null pointer dereference crashes by submitting malformed PKCS#7 data. Applications performing signature verification or using PKCS7_digest_from_attributes() directly are vulnerable to denial of service attacks. A patch is available to address this type confusion vulnerability.

OpenSSL Denial Of Service
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-22795 MEDIUM PATCH This Month

Processing a malformed PKCS#12 file in OpenSSL and related TLS libraries can trigger a null pointer dereference due to improper type validation in ASN.1 parsing, causing applications to crash. This vulnerability requires local user interaction to exploit and results only in denial of service, with no impact on data confidentiality or integrity. A patch is available to address this medium-severity issue.

OpenSSL Denial Of Service
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-69421 HIGH PATCH CISA This Week

Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. [CVSS 7.5 HIGH]

OpenSSL Null Pointer Dereference Denial Of Service RCE
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-69420 HIGH PATCH This Week

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. [CVSS 7.5 HIGH]

OpenSSL Denial Of Service
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-69419 HIGH PATCH This Week

Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. [CVSS 7.4 HIGH]

OpenSSL Memory Corruption Denial Of Service Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
7.4
EPSS
0.1%
CVE-2025-69418 MEDIUM PATCH This Month

Issue summary: When using the low-level OCB API directly with AES-NI or<br>other hardware-accelerated code paths, inputs whose length is not a multiple<br>of 16 bytes can leave the final partial block unencrypted and unauthenticated.<br><br>Impact summary: The trailing 1-15 bytes of a message may be exposed in<br>cleartext on encryption and are not covered by the authentication tag,<br>allowing an attacker to read or tamper with those bytes without detection.<br><br>The low-level OCB encrypt and decrypt routines in the hardware-accelerated<br>stream path process full 16-byte blocks but do not advance the input/output<br>pointers. [CVSS 4.0 MEDIUM]

OpenSSL Information Disclosure
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-68160 MEDIUM PATCH This Month

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. [CVSS 4.7 MEDIUM]

OpenSSL Memory Corruption Denial Of Service Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-66199 MEDIUM POC PATCH This Month

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. [CVSS 5.9 MEDIUM]

OpenSSL TLS Memory Corruption Denial Of Service Information Disclosure +2
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.1%
CVE-2025-15469 MEDIUM POC PATCH This Month

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. [CVSS 5.5 MEDIUM]

OpenSSL TLS Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-15468 MEDIUM PATCH This Month

Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. [CVSS 5.9 MEDIUM]

OpenSSL TLS Null Pointer Dereference Denial Of Service Red Hat +1
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.1%
CVE-2025-15467 HIGH POC PATCH CISA Act Now

OpenSSL has a critical out-of-bounds write when parsing CMS AuthEnvelopedData/EnvelopedData with malicious AEAD parameters, enabling potential RCE.

OpenSSL RCE Buffer Overflow Memory Corruption
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.0%
Threat
5.3
CVE-2025-11187 MEDIUM POC PATCH This Month

Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. [CVSS 6.1 MEDIUM]

OpenSSL Buffer Overflow Null Pointer Dereference Denial Of Service RCE +2
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-59464 HIGH PATCH This Week

A memory leak in Node.js’s OpenSSL integration occurs when converting `X.509` certificate fields to UTF-8 without freeing the allocated buffer. [CVSS 7.5 HIGH]

Node.js OpenSSL TLS Denial Of Service Node.Js +2
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-21444 MEDIUM POC PATCH This Month

Improper IV handling in libtpms 0.10.0 and 0.10.1 causes the library to return initial instead of final initialization vectors during symmetric cipher operations with OpenSSL 3.x, potentially weakening cryptographic security for local users who can interact with the TPM emulation. Public exploit code exists for this vulnerability affecting confidentiality of encrypted data. Update to libtpms 0.10.2 to remediate.

OpenSSL TLS Libtpms Red Hat Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-53841 HIGH PATCH This Week

The GC-AGENTS-SERVICE running as part of Akamai´s Guardicore Platform Agent for Windows versions prior to v49.20.1, v50.15.0, v51.12.0, v52.2.0 is affected by a local privilege escalation vulnerability. The service will attempt to read an OpenSSL configuration file from a non-existent location that standard Windows users have default write access to. This allows an unprivileged local user to create a crafted "openssl.cnf" file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. Since Guardicore Agent runs with SYSTEM privileges, this permits an unprivileged user to fully elevate privileges to SYSTEM level in this manner.

Microsoft Privilege Escalation OpenSSL Windows
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-64429 PyPI MEDIUM PATCH This Month

DuckDB is a SQL database management system. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

OpenSSL Information Disclosure Duckdb Red Hat
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-27237 HIGH PATCH This Week

In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL.

Privilege Escalation OpenSSL Ubuntu Debian Windows
NVD
CVSS 4.0
7.3
EPSS
0.0%
CVE-2025-9232 MEDIUM PATCH CISA This Month

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Denial Of Service Buffer Overflow Information Disclosure
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-9231 MEDIUM PATCH CISA This Month

Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm implementation on 64 bit ARM platforms. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-9230 HIGH PATCH CISA Act Now

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Denial Of Service Buffer Overflow Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-60019 LOW Monitor

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Denial Of Service Null Pointer Dereference
NVD
CVSS 3.1
3.7
EPSS
0.0%
CVE-2025-60018 MEDIUM PATCH This Month

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Buffer Overflow Information Disclosure
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-34203 CRITICAL POC Act Now

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 (VA and SaaS deployments) contain multiple Docker containers that. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Debian Docker PHP Nginx OpenSSL +4
NVD
CVSS 4.0
9.3
EPSS
0.1%
CVE-2025-34192 CRITICAL POC Act Now

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployments) are built against OpenSSL. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

OpenSSL Apple Information Disclosure Virtual Appliance Application Virtual Appliance Host +1
NVD
CVSS 4.0
9.3
EPSS
0.3%
CVE-2025-10225 HIGH This Month

Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) in the OpenSSL-based session module in AxxonSoft Axxon One (C-Werk) 2.0.6 and earlier on Windows allows a remote. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Buffer Overflow Microsoft Axxon One Windows
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2025-42927 LOW Monitor

SAP NetWeaver AS Java application uses Adobe Document Service, installed with a vulnerable version of OpenSSL.Successful exploitation of known vulnerabilities in the outdated OpenSSL library would. Rated low severity (CVSS 3.4), this vulnerability is low attack complexity. No vendor patch available.

Java Adobe OpenSSL SAP Information Disclosure
NVD
CVSS 3.1
3.4
EPSS
0.0%
CVE-2025-8614 HIGH This Month

NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation OpenSSL RCE Nomachine
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-45765 CRITICAL This Week

ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Red Hat Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-4662 MEDIUM This Month

CVE-2025-4662 is a security vulnerability (CVSS 4.4). Remediation should follow standard vulnerability management procedures.

OpenSSL Information Disclosure Brocade Sannav
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-5987 HIGH PATCH This Week

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library.

OpenSSL Denial Of Service Libssh
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-5372 HIGH PATCH This Week

Cryptographic key derivation failure in libssh versions prior to 0.11.2 (when built against OpenSSL older than 3.0) can cause SSH sessions to proceed with uninitialized key material, allowing remote attackers to undermine session confidentiality and integrity. The flaw stems from inverted return-value semantics between OpenSSL and libssh in ssh_kdf(), so a silent KDF failure is treated as success. No public exploit identified at time of analysis and EPSS risk is low (0.07%), but the issue is widely shipped across Red Hat, Ubuntu, Debian and SUSE distributions and has vendor patches available.

OpenSSL Information Disclosure Libssh Openshift Container Platform Enterprise Linux
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-27587 MEDIUM PATCH This Month

A security vulnerability in OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

OpenSSL Information Disclosure Ubuntu Debian Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-5480 HIGH This Week

Local privilege escalation vulnerability in Action1 where an attacker with low-privileged code execution can exploit an insecure OpenSSL configuration file loading mechanism to achieve SYSTEM-level code execution. The vulnerability requires prior code execution capability on the target system but presents a direct path to full system compromise once initial access is obtained. No active exploitation or public POC has been confirmed at this time, but the moderate CVSS score of 7.8 and CWE-427 classification indicate a meaningful risk to Action1 users.

OpenSSL RCE Privilege Escalation Agent
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-48057 CRITICAL PATCH This Week

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

OpenSSL Information Disclosure Icinga Suse
NVD GitHub
CVSS 4.0
9.3
EPSS
0.2%
CVE-2025-4575 MEDIUM PATCH This Month

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

OpenSSL Information Disclosure Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-47276 HIGH This Month

Actualizer is a single shell script solution to allow developers and embedded engineers to create Debian operating systems (OS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Debian
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-35471 HIGH POC PATCH This Month

conda-forge openssl-feedstock before 066e83c (2024-05-20), on Microsoft Windows, configures OpenSSL to use an OPENSSLDIR file path that can be written to by non-privilged local users. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. Public exploit code available.

Microsoft OpenSSL RCE Miniforge Openssl Feedstock +1
NVD GitHub
CVSS 4.0
7.0
EPSS
0.1%
CVE-2025-46551 LIB MEDIUM POC PATCH This Month

JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

OpenSSL Information Disclosure Jruby Jruby Openssl Red Hat
NVD GitHub
CVSS 4.0
5.7
EPSS
0.1%
CVE-2025-2769 HIGH This Week

Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL RCE Privilege Escalation Netdrive
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-2768 HIGH This Week

Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL RCE Privilege Escalation Netdrive
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-23253 LOW Monitor

NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. Rated low severity (CVSS 2.5), this vulnerability is no authentication required. No vendor patch available.

OpenSSL Information Disclosure Nvidia RCE Denial Of Service +2
NVD
CVSS 3.1
2.5
EPSS
0.1%
CVE-2025-3416 LOW Monitor

A flaw was found in OpenSSL's handling of the properties argument in certain functions. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free Memory Corruption OpenSSL Information Disclosure
NVD GitHub VulDB
CVSS 3.1
3.7
EPSS
0.5%
CVE-2025-2263 CRITICAL POC Act Now

During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

OpenSSL Buffer Overflow Stack Overflow Sante Pacs Server
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-12797 PyPI MEDIUM POC PATCH This Month

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.8%
CVE-2025-24898 Cargo MEDIUM PATCH This Month

rust-openssl is a set of OpenSSL bindings for the Rust programming language. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Memory Corruption Use After Free Denial Of Service Red Hat +1
NVD GitHub
CVSS 4.0
6.3
EPSS
0.1%
CVE-2024-2658 HIGH This Month

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL Authentication Bypass
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2024-13454 MEDIUM This Month

Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Easy Rsa Suse
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2023-24012 HIGH This Week

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure
NVD GitHub
CVSS 3.1
8.2
EPSS
0.1%
CVE-2023-24011 HIGH This Week

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure
NVD GitHub
CVSS 3.1
8.2
EPSS
0.1%
CVE-2023-24010 HIGH This Week

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure
NVD GitHub
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-33617 HIGH This Week

Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
CVSS 4.0
8.2
EPSS
0.4%
CVE-2024-31074 HIGH This Week

Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
CVSS 4.0
8.2
EPSS
0.5%
CVE-2024-28885 HIGH This Week

Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
CVSS 4.0
8.2
EPSS
0.4%
CVE-2024-41594 HIGH This Week

An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure OpenSSL Vigor2620 Firmware Vigor2915 Firmware Vigor2866 Firmware +21
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-9355 Go MEDIUM This Month

A vulnerability was found in Golang FIPS OpenSSL. Rated medium severity (CVSS 6.5). No vendor patch available.

OpenSSL Information Disclosure
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-6119 HIGH PATCH This Week

Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Denial Of Service Memory Corruption OpenSSL Active Iq Unified Manager Management Services For Element Software And Netapp Hci +17
NVD GitHub
CVSS 3.1
7.5
EPSS
6.6%
CVE-2024-45238 HIGH This Week

An issue was discovered in Fort before 1.6.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference OpenSSL Denial Of Service Fort Validator
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-6975 HIGH POC This Week

Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file.10.34. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation OpenSSL Microsoft Cato Client
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-5642 MEDIUM This Month

CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure OpenSSL
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2024-5535 CRITICAL Act Now

Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Buffer Overflow Information Disclosure
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
5.1%
CVE-2024-37305 HIGH This Week

oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow OpenSSL
NVD GitHub
CVSS 3.1
8.2
EPSS
0.4%
CVE-2024-37309 Maven MEDIUM POC PATCH This Month

CrateDB is a distributed SQL database. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

OpenSSL Denial Of Service Cratedb
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2024-2408 MEDIUM POC This Month

The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

PHP Information Disclosure OpenSSL Microsoft Fedora
NVD GitHub
CVSS 3.1
5.9
EPSS
1.2%
CVE-2024-4611 HIGH PATCH This Week

The AppPresser plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'decrypt_value' and on the 'doCookieAuth' functions in all versions up to, and including,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

PHP Information Disclosure WordPress OpenSSL Apppresser
NVD
CVSS 3.1
8.1
EPSS
1.8%
CVE-2024-26306 MEDIUM This Month

iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure OpenSSL Iperf3 Bootstrap Os
NVD GitHub
CVSS 3.1
5.9
EPSS
1.1%
CVE-2024-3729 CRITICAL PATCH Act Now

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'fea_encrypt' function in all versions up to, and including, 3.19.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation PHP WordPress Authentication Bypass OpenSSL +1
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-2467 MEDIUM This Month

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure OpenSSL
NVD GitHub
CVSS 3.1
5.9
EPSS
0.5%
CVE-2023-6237 MEDIUM This Month

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service OpenSSL
NVD GitHub
CVSS 3.1
5.9
EPSS
0.5%
CVE-2024-2511 MEDIUM This Month

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Denial Of Service
NVD GitHub
CVSS 3.1
5.9
EPSS
4.1%
CVE-2024-3296 MEDIUM This Month

A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure OpenSSL
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2024-0394 HIGH This Week

Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability whereby an authenticated attacker can elevate privileges and execute arbitrary code with SYSTEM privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass RCE Privilege Escalation OpenSSL
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-1394 Go HIGH PATCH This Week

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2024-0727 PyPI MEDIUM PATCH This Month

Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service OpenSSL
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-6129 MEDIUM PATCH This Month

Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service OpenSSL
NVD GitHub
CVSS 3.1
6.5
EPSS
2.5%
CVE-2023-49210 npm CRITICAL POC PATCH Act Now

The openssl (aka node-openssl) NPM package through 2.0.0 was characterized as "a nonsense wrapper with no real purpose" by its author, and accepts an opts argument that contains a verb field (used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Node.js OpenSSL Command Injection Node Openssl
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-33202 Maven MEDIUM POC PATCH This Month

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java OpenSSL Denial Of Service Bouncy Castle For Java Fips Java Api
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2023-41840 HIGH This Week

A untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to perform a DLL Hijack attack via a malicious OpenSSL engine library in the search path. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Fortinet OpenSSL Information Disclosure Forticlient
NVD
CVSS 3.1
7.8
EPSS
0.3%
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Certificate chain spoofing in node-forge (npm) <= 1.3.3 lets an attacker present any non-CA leaf certificate as a trusted intermediate CA, because pki.verifyCertificateChain() skips RFC 5280 basicConstraints enforcement when a certificate carries neither the basicConstraints nor the keyUsage extension. An attacker holding such a leaf certificate can sign certificates for arbitrary identities and have node-forge accept the forged chain, defeating authentication for any application relying on it for custom PKI, S/MIME, PKCS#7, or device-certificate validation. Rated CVSS 9.1 by the reporter and fixed in 1.4.0; publicly available exploit code exists (full PoC in the GHSA), but EPSS is only 0.02% and it is not on CISA KEV.

Microsoft Buffer Overflow OpenSSL
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The digitalbazaar/forge npm package accepts forged Ed25519 signatures due to missing scalar canonicalization checks, allowing authentication and authorization bypass in applications that rely on signature uniqueness. All versions since Ed25519 implementation are affected (confirmed through version 1.3.3), identified as pkg:npm/node-forge. Publicly available exploit code exists with a complete proof-of-concept demonstrating how attackers can create multiple valid signatures for the same message by adding the group order L to the scalar component S, bypassing deduplication, replay protection, and signed-object canonicalization checks. The vendor has released a patch via commit bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85.

Node.js Canonical OpenSSL +2
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Signature forgery in node-forge npm package (all versions through v1.3.3) allows remote attackers to bypass RSASSA PKCS#1 v1.5 signature verification for RSA keys using low public exponent (e=3). Attackers can construct Bleichenbacher-style forged signatures by injecting malicious ASN.1 content within DigestInfo structures and exploiting missing padding length validation, enabling authentication bypass in systems relying on forge for cryptographic verification. Proof-of-concept code demonstrates successful forgery against forge while OpenSSL correctly rejects the same signature. CVSS score 7.5 (High) with network attack vector, low complexity, and no privileges required. No public exploit identified at time of analysis beyond the research POC.

Node.js OpenSSL Canonical +1
NVD GitHub VulDB
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Modoboa, an open-source mail server management platform, contains a command injection vulnerability in its subprocess execution handler that allows authenticated Reseller or SuperAdmin users to execute arbitrary operating system commands. A proof-of-concept exploit exists demonstrating how shell metacharacters in domain names can achieve code execution, typically as root in standard deployments. The vulnerability affects modoboa versions up to and including 2.7.0, with patches available in version 2.7.1.

Python Command Injection OpenSSL
NVD GitHub VulDB
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Ory Keto, an open-source authorization service, contains a SQL injection vulnerability in its GetRelationships API due to insecure pagination token handling. Attackers who know or can exploit the default hard-coded pagination encryption secret can craft malicious tokens to execute arbitrary SQL queries. The CVSS score of 7.2 reflects high privileges required (PR:H), though the actual risk is elevated when default secrets remain unchanged in production deployments.

SQLi OpenSSL Suse
NVD GitHub
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Ory Hydra, an OAuth 2.0 and OpenID Connect provider, contains a SQL injection vulnerability in three admin APIs (listOAuth2Clients, listOAuth2ConsentSessions, listTrustedOAuth2JwtGrantIssuers) due to insecure pagination token handling. Attackers who know the pagination secret can craft malicious encrypted tokens to execute arbitrary SQL queries. The CVSS score of 7.2 requires high privileges (PR:H), but successful exploitation grants full database access with high confidentiality, integrity, and availability impact.

SQLi OpenSSL Suse
NVD GitHub
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Ory Kratos, an open-source identity and user management system, contains a SQL injection vulnerability in its ListCourierMessages Admin API through malicious pagination tokens. Attackers who know or can exploit the default pagination encryption secret can craft tokens to execute arbitrary SQL queries against the backend database. The vulnerability requires high privileges (PR:H) but is network-exploitable (AV:N) with low complexity (AC:L), scoring CVSS 7.2.

SQLi OpenSSL Suse
NVD GitHub
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Buffer overflow in pyOpenSSL's cookie generation callback allows attackers to corrupt memory and potentially achieve remote code execution by supplying oversized cookie values exceeding 256 bytes. The vulnerability affects applications using custom cookie callbacks with OpenSSL integration, where insufficient length validation permits writing beyond allocated buffer boundaries. A patch is available that implements proper cookie size validation.

OpenSSL Buffer Overflow
NVD GitHub VulDB
EPSS 0% 4.8 CVSS 6.5
MEDIUM POC PATCH This Month

OpenSSL and Microsoft products using the 'DEFAULT' keyword in TLS 1.3 key exchange group configurations may negotiate weaker cryptographic groups than intended, allowing network-based attackers to potentially downgrade the security of encrypted connections without authentication or user interaction. This affects servers that combine default group lists with custom configurations, particularly impacting hybrid post-quantum key exchange implementations where clients defer group selection. A patch is available to remediate this high-severity confidentiality risk.

OpenSSL Information Disclosure Microsoft
NVD GitHub VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Remote code execution in XWEB Pro firmware versions 1.12.1 and earlier allows authenticated attackers to execute arbitrary commands by injecting malicious input into OpenSSL parameter fields. An attacker with valid credentials can exploit this command injection vulnerability through the utility route to gain complete system compromise. No patch is currently available for affected XWEB 500b Pro and 300d Pro devices.

OpenSSL TLS RCE +4
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel's virtio-crypto driver lacks proper synchronization when handling virtqueue notifications from multiple processes, causing data corruption and system hangs when processing cryptographic operations concurrently. Local attackers with user privileges can trigger denial of service by running parallel crypto workloads, as demonstrated through multi-process OpenSSL benchmarks that expose race conditions in the virtcrypto_done_task() handler. No patch is currently available for this medium-severity vulnerability affecting systems running virtio-crypto with builtin backends.

Linux OpenSSL Information Disclosure
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Unauthenticated arbitrary file upload in WPvivid Backup & Migration WordPress plugin. EPSS 0.44%.

WordPress PHP OpenSSL +2
NVD
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

Adminer versions 5.4.1 and earlier suffer from a post-message validation bypass that allows remote attackers to trigger denial of service affecting all users. By sending a crafted POST request with array parameters to the version endpoint, an attacker can cause openssl_verify() to receive malformed input, resulting in a TypeError that crashes the application and returns HTTP 500 errors. Public exploit code exists for this vulnerability; administrators should upgrade to version 5.4.2 immediately.

PHP OpenSSL Adminer +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

OpenSSL's PKCS#7 signature verification fails to validate ASN1_TYPE union members before access, allowing attackers to trigger null pointer dereference crashes by submitting malformed PKCS#7 data. Applications performing signature verification or using PKCS7_digest_from_attributes() directly are vulnerable to denial of service attacks. A patch is available to address this type confusion vulnerability.

OpenSSL Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Processing a malformed PKCS#12 file in OpenSSL and related TLS libraries can trigger a null pointer dereference due to improper type validation in ASN.1 parsing, causing applications to crash. This vulnerability requires local user interaction to exploit and results only in denial of service, with no impact on data confidentiality or integrity. A patch is available to address this medium-severity issue.

OpenSSL Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. [CVSS 7.5 HIGH]

OpenSSL Null Pointer Dereference Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. [CVSS 7.5 HIGH]

OpenSSL Denial Of Service
NVD GitHub VulDB
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. [CVSS 7.4 HIGH]

OpenSSL Memory Corruption Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Issue summary: When using the low-level OCB API directly with AES-NI or<br>other hardware-accelerated code paths, inputs whose length is not a multiple<br>of 16 bytes can leave the final partial block unencrypted and unauthenticated.<br><br>Impact summary: The trailing 1-15 bytes of a message may be exposed in<br>cleartext on encryption and are not covered by the authentication tag,<br>allowing an attacker to read or tamper with those bytes without detection.<br><br>The low-level OCB encrypt and decrypt routines in the hardware-accelerated<br>stream path process full 16-byte blocks but do not advance the input/output<br>pointers. [CVSS 4.0 MEDIUM]

OpenSSL Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. [CVSS 4.7 MEDIUM]

OpenSSL Memory Corruption Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 5.9
MEDIUM POC PATCH This Month

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. [CVSS 5.9 MEDIUM]

OpenSSL TLS Memory Corruption +4
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. [CVSS 5.5 MEDIUM]

OpenSSL TLS Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. [CVSS 5.9 MEDIUM]

OpenSSL TLS Null Pointer Dereference +3
NVD GitHub VulDB
EPSS 1% 5.3 CVSS 8.8
HIGH POC PATCH Act Now

OpenSSL has a critical out-of-bounds write when parsing CMS AuthEnvelopedData/EnvelopedData with malicious AEAD parameters, enabling potential RCE.

OpenSSL RCE Buffer Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. [CVSS 6.1 MEDIUM]

OpenSSL Buffer Overflow Null Pointer Dereference +4
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A memory leak in Node.js’s OpenSSL integration occurs when converting `X.509` certificate fields to UTF-8 without freeing the allocated buffer. [CVSS 7.5 HIGH]

Node.js OpenSSL TLS +4
NVD
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

Improper IV handling in libtpms 0.10.0 and 0.10.1 causes the library to return initial instead of final initialization vectors during symmetric cipher operations with OpenSSL 3.x, potentially weakening cryptographic security for local users who can interact with the TPM emulation. Public exploit code exists for this vulnerability affecting confidentiality of encrypted data. Update to libtpms 0.10.2 to remediate.

OpenSSL TLS Libtpms +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The GC-AGENTS-SERVICE running as part of Akamai´s Guardicore Platform Agent for Windows versions prior to v49.20.1, v50.15.0, v51.12.0, v52.2.0 is affected by a local privilege escalation vulnerability. The service will attempt to read an OpenSSL configuration file from a non-existent location that standard Windows users have default write access to. This allows an unprivileged local user to create a crafted "openssl.cnf" file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. Since Guardicore Agent runs with SYSTEM privileges, this permits an unprivileged user to fully elevate privileges to SYSTEM level in this manner.

Microsoft Privilege Escalation OpenSSL +1
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

DuckDB is a SQL database management system. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

OpenSSL Information Disclosure Duckdb +1
NVD GitHub
EPSS 0% CVSS 7.3
HIGH PATCH This Week

In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL.

Privilege Escalation OpenSSL Ubuntu +2
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Denial Of Service Buffer Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm implementation on 64 bit ARM platforms. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH Act Now

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Denial Of Service Buffer Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 3.7
LOW Monitor

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Denial Of Service Null Pointer Dereference
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIO_write(), resulting in an out of bounds read. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Buffer Overflow Information Disclosure
NVD
EPSS 0% CVSS 9.3
CRITICAL POC Act Now

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 (VA and SaaS deployments) contain multiple Docker containers that. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Debian Docker PHP +6
NVD
EPSS 0% CVSS 9.3
CRITICAL POC Act Now

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployments) are built against OpenSSL. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

OpenSSL Apple Information Disclosure +3
NVD
EPSS 0% CVSS 8.7
HIGH This Month

Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) in the OpenSSL-based session module in AxxonSoft Axxon One (C-Werk) 2.0.6 and earlier on Windows allows a remote. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Buffer Overflow Microsoft +2
NVD
EPSS 0% CVSS 3.4
LOW Monitor

SAP NetWeaver AS Java application uses Adobe Document Service, installed with a vulnerable version of OpenSSL.Successful exploitation of known vulnerabilities in the outdated OpenSSL library would. Rated low severity (CVSS 3.4), this vulnerability is low attack complexity. No vendor patch available.

Java Adobe OpenSSL +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation OpenSSL RCE +1
NVD
EPSS 0% CVSS 9.1
CRITICAL This Week

ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Red Hat +1
NVD GitHub
EPSS 0% CVSS 4.4
MEDIUM This Month

CVE-2025-4662 is a security vulnerability (CVSS 4.4). Remediation should follow standard vulnerability management procedures.

OpenSSL Information Disclosure Brocade Sannav
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library.

OpenSSL Denial Of Service Libssh
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Cryptographic key derivation failure in libssh versions prior to 0.11.2 (when built against OpenSSL older than 3.0) can cause SSH sessions to proceed with uninitialized key material, allowing remote attackers to undermine session confidentiality and integrity. The flaw stems from inverted return-value semantics between OpenSSL and libssh in ssh_kdf(), so a silent KDF failure is treated as success. No public exploit identified at time of analysis and EPSS risk is low (0.07%), but the issue is widely shipped across Red Hat, Ubuntu, Debian and SUSE distributions and has vendor patches available.

OpenSSL Information Disclosure Libssh +2
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

A security vulnerability in OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

OpenSSL Information Disclosure Ubuntu +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Local privilege escalation vulnerability in Action1 where an attacker with low-privileged code execution can exploit an insecure OpenSSL configuration file loading mechanism to achieve SYSTEM-level code execution. The vulnerability requires prior code execution capability on the target system but presents a direct path to full system compromise once initial access is obtained. No active exploitation or public POC has been confirmed at this time, but the moderate CVSS score of 7.8 and CWE-427 classification indicate a meaningful risk to Action1 users.

OpenSSL RCE Privilege Escalation +1
NVD
EPSS 0% CVSS 9.3
CRITICAL PATCH This Week

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

OpenSSL Information Disclosure Icinga +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

OpenSSL Information Disclosure Suse
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Month

Actualizer is a single shell script solution to allow developers and embedded engineers to create Debian operating systems (OS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Debian
NVD GitHub
EPSS 0% CVSS 7.0
HIGH POC PATCH This Month

conda-forge openssl-feedstock before 066e83c (2024-05-20), on Microsoft Windows, configures OpenSSL to use an OPENSSLDIR file path that can be written to by non-privilged local users. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. Public exploit code available.

Microsoft OpenSSL RCE +3
NVD GitHub
EPSS 0% CVSS 5.7
MEDIUM POC PATCH This Month

JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

OpenSSL Information Disclosure Jruby +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL RCE Privilege Escalation +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL RCE Privilege Escalation +1
NVD
EPSS 0% CVSS 2.5
LOW Monitor

NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. Rated low severity (CVSS 2.5), this vulnerability is no authentication required. No vendor patch available.

OpenSSL Information Disclosure Nvidia +4
NVD
EPSS 0% CVSS 3.7
LOW Monitor

A flaw was found in OpenSSL's handling of the properties argument in certain functions. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free Memory Corruption OpenSSL +1
NVD GitHub VulDB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

OpenSSL Buffer Overflow Stack Overflow +1
NVD
EPSS 1% CVSS 6.3
MEDIUM POC PATCH This Month

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

rust-openssl is a set of OpenSSL bindings for the Rust programming language. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Memory Corruption Use After Free +3
NVD GitHub
EPSS 0% CVSS 8.5
HIGH This Month

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL Authentication Bypass
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Easy Rsa +1
NVD
EPSS 0% CVSS 8.2
HIGH This Week

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure
NVD GitHub
EPSS 0% CVSS 8.2
HIGH This Week

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure
NVD GitHub
EPSS 0% CVSS 8.2
HIGH This Week

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure
NVD GitHub
EPSS 0% CVSS 8.2
HIGH This Week

Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Intel Information Disclosure
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure OpenSSL Vigor2620 Firmware +23
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability was found in Golang FIPS OpenSSL. Rated medium severity (CVSS 6.5). No vendor patch available.

OpenSSL Information Disclosure
NVD GitHub
EPSS 7% CVSS 7.5
HIGH PATCH This Week

Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Denial Of Service Memory Corruption OpenSSL +19
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in Fort before 1.6.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference OpenSSL Denial Of Service +1
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file.10.34. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation OpenSSL Microsoft +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure OpenSSL
NVD GitHub
EPSS 5% CVSS 9.1
CRITICAL Act Now

Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Buffer Overflow Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 8.2
HIGH This Week

oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow OpenSSL
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

CrateDB is a distributed SQL database. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

OpenSSL Denial Of Service Cratedb
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM POC This Month

The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

PHP Information Disclosure OpenSSL +2
NVD GitHub
EPSS 2% CVSS 8.1
HIGH PATCH This Week

The AppPresser plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'decrypt_value' and on the 'doCookieAuth' functions in all versions up to, and including,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

PHP Information Disclosure WordPress +2
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure OpenSSL Iperf3 +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'fea_encrypt' function in all versions up to, and including, 3.19.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation PHP WordPress +3
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure OpenSSL
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM This Month

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service OpenSSL
NVD GitHub
EPSS 4% CVSS 5.9
MEDIUM This Month

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Denial Of Service
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM This Month

A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure OpenSSL
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability whereby an authenticated attacker can elevate privileges and execute arbitrary code with SYSTEM privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass RCE Privilege Escalation +1
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Denial Of Service
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service OpenSSL
NVD GitHub
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service OpenSSL
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

The openssl (aka node-openssl) NPM package through 2.0.0 was characterized as "a nonsense wrapper with no real purpose" by its author, and accepts an opts argument that contains a verb field (used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Node.js OpenSSL Command Injection +1
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java OpenSSL Denial Of Service +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

A untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to perform a DLL Hijack attack via a malicious OpenSSL engine library in the search path. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Fortinet OpenSSL Information Disclosure +1
NVD
Prev Page 2 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy