50 matches found
CVE-2025-69418 affecting package openssl for versions less than 1.1.1k-38
CVE-2025-69418 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...
CVE-2025-68160 affecting package openssl for versions less than 1.1.1k-38
CVE-2025-68160 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...
CVE-2026-22795 affecting package openssl for versions less than 1.1.1k-38
CVE-2026-22795 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...
CVE-2025-69420 affecting package openssl for versions less than 1.1.1k-38
CVE-2025-69420 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...
CVE-2026-22796 affecting package openssl for versions less than 1.1.1k-38
CVE-2026-22796 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...
CVE-2025-69419 affecting package openssl for versions less than 1.1.1k-38
CVE-2025-69419 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...
AZL-75786 CVE-2025-69419 affecting package openssl 1.1.1k-38
Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...
MiracleLinux 8 : openssl-1.1.1k-4.el8 (AXSA:2021-2623:05)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2623:05 advisory. openssl: integer overflow in CipherUpdate CVE-2021-23840 openssl: NULL pointer dereference in X509issuerandserialhash CVE-2021-23841 Tenable has...
MiracleLinux 8 : openssl-1.1.1k-14.el8_10 (AXSA:2026-025:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-025:02 advisory. openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Tenable has extracted the preceding description block directly from the MiracleLinux...
Advisory ROSA-SA-2025-3099
Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-12.0.1.rv3 CVE-ID: CVE-2020-25659 BDU-ID: 2022-05647 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the python-cryptography package of the Python programming language interpreter is related to RSA key management...
CVE-2025-9230 affecting package openssl for versions less than 1.1.1k-37
CVE-2025-9230 affecting package openssl for versions less than 1.1.1k-37. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2021-3449
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the...
AZL-42952 CVE-2024-4741 affecting package openssl for versions less than 1.1.1k-31
Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...
CentOS 9 : compat-openssl11-1.1.1k-4.el9
The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the compat- openssl11-1.1.1k-4.el9 build changelog. - Infinite loop in BNmodsqrt reachable when parsing certificates CVE-2022-0778 Note that Nessus has not tested for this issue but has...
AZL-35086 CVE-2024-0727 affecting package openssl for versions less than 1.1.1k-29
Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates...
CVE-2023-5678 affecting package openssl for versions less than 1.1.1k-28
CVE-2023-5678 affecting package openssl for versions less than 1.1.1k-28. A patched version of the package is available...
CVE-2023-2650 affecting package openssl for versions less than 1.1.1k-25
CVE-2023-2650 affecting package openssl for versions less than 1.1.1k-25. A patched version of the package is available...
Advisory ROSA-SA-2023-2211
Software: openssl 1.1.1k OS: ROSA Virtualization 2.1 packageevrstring: openssl-1.1.1.1k-9.rv3.src.rpm CVE-ID: CVE-2021-23840 BDU-ID: 2021-03742 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the EVPCipherUpdate, EVPEncryptUpdate, and EVPDecryptUpdate functions of the OpenSSL TLS and SSL protocols...
CVE-2023-2650 affecting package openssl 1.1.1k-15
CVE-2023-2650 affecting package openssl 1.1.1k-15. A patched version of the package is available...
CVE-2023-0465 affecting package openssl for versions less than 1.1.1k-23
CVE-2023-0465 affecting package openssl for versions less than 1.1.1k-23. A patched version of the package is available...