CVE-2025-15468 affecting package openssl for versions less than 3.3.5-2

CVE-2025-15468 affecting package openssl for versions less than 3.3.5-2. A patched version of the package is available...

OPENSUSE-SU-2026:20152-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: Security fixes: - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256829. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-15468: NULL dereference in...

SUSE-SU-2026:20223-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: Security fixes: - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256829. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-15468: NULL dereference in...

Oracle Linux 10 : openssl (ELSA-2026-50081)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50081 advisory. - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420...

RockyLinux 10 : openssl (RLSA-2026:1472)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1472 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or...

RLSA-2026:1473 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187...

Photon OS 5.0: Openssl PHSA-2026-5.0-0747

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0747. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2025-15468 vulnerabilities

Vulnerabilities for packages: openssl, libcrypto3-2.34...

openssl security update

3.5.1-7.0.1 - Replace upstream references Orabug: 34340177 - Update FIPS provider name Orabug: 35824276 1:3.5.1-7 - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421 CVE-2026-22795 CVE-2026-227...

ALSA-2026:1473 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187...

RHEL 10 : openssl (RHSA-2026:1472)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1472 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

CVE-2025-15468

creationtimestamp| type| source ---|---|--- 2026-01-27 21:02:36+00:00| seen| https://bsky.app/profile/teenigma.bsky.social/post/3mdgnspi53s2b 2026-01-28 02:01:23+00:00| seen| https://bsky.app/profile/slackers.it/post/3mdh6iyvcgd2r 2026-01-28 06:31:10+00:00| seen|...

CVE-2025-15468 NULL dereference in SSL_CIPHER_find() function on unknown cipher ID

Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...

CVE-2025-15468

A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC Quick UDP Internet Connections protocol. This vulnerability, occurring when the SSLCIPHERfind...

Debian dsa-6113 : libcrypto3-udeb - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6113 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6113-1 [email protected]...