VDB

GCVE-110-NCSC-2025-336

GCVE-110-NCSC-2025-336
Advisory PublishedCVSS 7.4/10
Vulnetix · Advisory published October 23, 2025
OpenSSL and various Oracle products exhibit vulnerabilities related to ASN.1 string processing and unauthorized access, with specific versions addressing critical security issues and CVSS scores indicating significant risk.

Weaknesses (CWE)

CWE-125Out-of-bounds ReadCWE-416Use After FreeCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-284Improper Access ControlCWE-770Allocation of Resources Without Limits or Throttling

Risk Scores

CVSS 3.1
7.4/10
High · CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

Affected Products

VendorProductVersionsPlatforms
Oraclevers:unknown/*

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›