1575 matches found
K000160557: OpenSSL vulnerability CVE-2025-69418
Security Advisory Description Issue summary: When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths, inputs whose length is not a multiple of 16 bytes can leave the final partial block unencrypted and unauthenticated. Impact summary: The trailing 1-15 bytes...
K000160555: OpenSSL vulnerability CVE-2026-22795
Security Advisory Description Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a malformed PKCS12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting ...
K000160552: OpenSSL vulnerability CVE-2025-68160
Security Advisory Description Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typicall...
Security Bulletin: Vulnerability in IBM Java, Websphere, OpenSSL, libcurl, and Apache Commons may affect IBM Storage Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments and IBM Storage Protect for Space Management
Summary IBM Spectrum Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments and IBM Storage Protect for Space Management can be affected by logging and security vulnerabilities. This update improves reliability of Java object property handling, modern logging frameworks and...
NewStart CGSL MAIN 7.02 : openssl Vulnerability (NS-SA-2026-0038)
The remote NewStart CGSL host, running version MAIN 7.02, has openssl packages installed that are affected by a vulnerability: - Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This...
OESA-2026-1749 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based...
RHEL 9 : compat-openssl11 (RHSA-2026:5217)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:5217 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the...
OESA-2026-1664 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code...
OESA-2026-1661 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code...
Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl
🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...
Moderate: Red Hat Security Advisory: compat-openssl11 security update
An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Moderate: Red Hat Security Advisory: compat-openssl11 security update
An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
AlmaLinux 9 : compat-openssl11 (ALSA-2026:4472)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:4472 advisory. openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419 Tenable has extracted the preceding description block...
EulerOS Virtualization 2.12.1 : openssl (EulerOS-SA-2026-1450)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bound...
RHEL 9 : compat-openssl11 (RHSA-2026:4825)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:4825 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the...
EulerOS Virtualization 2.12.0 : openssl (EulerOS-SA-2026-1507)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bound...
MiracleLinux 9 : compat-openssl11-1.1.1k-5.el9_7.1 (AXSA:2026-313:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-313:01 advisory. openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419 Tenable has extracted the preceding description bloc...
OpenSSL 3.6.0 < 3.6.2 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.6.2. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.6.2 advisory. - Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group...
Oracle Linux 9 : compat-openssl11 (ELSA-2026-4472)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-4472 advisory. 1:1.1.1k-5.2 - Fixes CVE-2025-69419 OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing Resolves: RHEL-142722 Tenable has extracte...
RHEL 8 : openssl (RHSA-2026:4163)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4163 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...