These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
A high-severity vulnerability, CVE-2026-9076, was found in OpenSSL, a widely used cryptographic library. The issue arises from a heap buffer over-read during the decryption of CMS (Cryptographic Message Syntax) data. An attacker can exploit this vulnerability by supplying malicious CMS data, potentially leading to a Denial of Service (DoS) attack. The vulnerability has a CVSS score of 7.5 and is considere [truncated]
A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. This issue impacts applications that call ASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly or register a custom string type via ASN1_STRING_TABLE_add() with attacker-controlled input on the order of half a gigabyte or more.
CVE-2018-0739 is a medium-severity denial-of-service issue tied to excessive recursion in constructed ASN.1 parsing. In the supplied advisory corpus, the issue is associated with Festo Automation Suite and bundled CODESYS components, with mitigation centered on upgrading Festo Automation Suite to 2.8.0.138 or later and installing patched CODESYS releases from the official vendor source.
CVE-2024-0727 is a denial-of-service issue in OpenSSL's PKCS12 handling. A maliciously formatted PKCS12 file can trigger a NULL pointer dereference and crash the process that parses it. The issue matters most for applications that accept PKCS12 files from untrusted sources and call the affected OpenSSL APIs.
CVE-2023-6129 is a PowerPC-specific OpenSSL bug in the POLY1305 MAC implementation that can corrupt caller state on newer PowerPC processors supporting PowerISA 2.07 vector instructions. The issue was published by OpenSSL and NVD on 2024-01-09. OpenSSL described the issue as low severity, while NVD assigned a CVSS 3.1 score of 6.5 (medium). The most relevant exposure is on systems where OpenSSL’s ChaCha20 [truncated]
CVE-2024-2511 affects certain OpenSSL TLSv1.3 server configurations, not clients. In the risky case, using the non-default SSL_OP_NO_TICKET option can leave the session cache in an incorrect state so it fails to flush as it fills, allowing unbounded memory growth and a denial of service. OpenSSL says the issue does not occur when early_data is configured with the default anti-replay protection, and that F [truncated]
CVE-2023-3817 is a Denial of Service (DoS) vulnerability in OpenSSL's Diffie-Hellman (DH) parameter validation functions. The issue stems from the `DH_check()`, `DH_check_ex()`, and `EVP_PKEY_param_check()` functions performing computationally expensive checks when presented with DH keys or parameters containing an excessively large `q` parameter value. Following the remediation of CVE-2023-3446, it was d [truncated]
A low-severity denial-of-service vulnerability exists in Mitsubishi Electric ICONICS Suite and related products when the BACnet Secure Connect feature is enabled. The vulnerability stems from an integrated OpenSSL library that fails to limit resource allocation during certificate validation. A remote attacker can trigger temporary denial-of-service by sending a certificate containing a specially crafted A [truncated]
CVE-2022-4304 is a timing-based RSA decryption side channel. In the advisory corpus, CISA maps the issue to Hitachi Energy Relion 670/650/SAM600-IO series and states that an attacker who can send many trial decryptions may be able to recover plaintext, potentially enough to decrypt data from an observed TLS connection.
CVE-2023-0286 affects ABB M2M Gateway ARM600 firmware 4.1.2 through 5.0.3 and ABB M2M Gateway SW 5.0.1 through 5.0.3. According to the CISA CSAF advisory, the issue can be triggered when CRL checking is enabled and may let an attacker pass arbitrary pointers to a memcmp call, potentially exposing memory contents or causing a denial of service. The supplied advisory classifies the issue as medium severity [truncated]
CVE-2014-0160 is listed by CISA as a Known Exploited Vulnerability affecting OpenSSL and described as an information disclosure issue. Because it appears in the KEV catalog, defenders should treat it as actively exploited and prioritize remediation over routine patch queues. CISA's KEV entry states the required action is to apply updates per vendor instructions.