SAP NetWeaver AS Java Multiple Vulnerabilities (3700960)

The version of SAP NetWeaver Application Server Java detected on the remote host is affected by a affected by a multiple vulnerabilities as disclosed in the SAP Security Patch Day March 2026: - An application trying to decrypt CMS messages encrypted using password based encryption can trigger an...

Siemens S7-1500 and SCALANCE Out-of-bounds Read (CVE-2025-9232)

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out- of-bounds read can trigger a crash...

Linux Distros Unpatched Vulnerability : CVE-2025-9232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to a missing NULL byte termination after strncpy call. An attacker can cause a crash and disrupt application availability by triggering an out-of-bounds read if API functions of OpenSSL HTTP client are used while...

CVE-2025-9232

CVE-2025-9232 involves OpenSSL HTTP client API functions; the vulnerability is an out-of-bounds read when the environment variable no_proxy is set and the URL’s authority host is IPv6, causing potential Denial of Service via a crash. The issue is rooted in HTTP client handling introduced in patch...