Siemens S7-1500 and SCALANCE Out-of-bounds Read (CVE-2025-9232)

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out- of-bounds read can trigger a crash...

Photon OS 4.0: Openssl PHSA-2026-4.0-0952

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0952. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE: Security Advisory (SUSE-SU-2025:21213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for openssl-3 (important)

openSUSE security update: security update for openssl-3 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025:20164-1 Rating: important References: bsc1250232 bsc1250233 bsc1250234 Cross-References: CVE-2025-9230 CVE-2025-9231 CVE-2025-9232 CVSS scores:...

Ubuntu: Security Advisory (USN-7894-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-4d34c066a1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : openssl (2025-4d34c066a1)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4d34c066a1 advisory. Rebase to OpenSSL 3.5.4, resolving CVE-2025-9230 and CVE-2025-9232 Tenable has extracted the preceding description block directly from the Fedora...

MGASA-2025-0241 Updated quictls packages with two security issues and bug fixes

Two security issues and miscellaneous minor bug fixes. Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. CVE-2025-9230 Fix Out-of-bounds read in HTTP client noproxy handling. CVE-2025-9232...

Fedora: Security Advisory (FEDORA-2025-e6f76d56fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-c355a1291c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-9232 vulnerabilities

Vulnerabilities for packages: openssl...

Debian: Security Advisory (DSA-6015-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 6015-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6015-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 01, 2025 https://www.debian.org/security/faq -...

CVE-2025-9232

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

OpenSSL 3.0.0 < 3.0.18 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.18. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.18 advisory. - Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy'...