188 matches found
EUVD-2025-20227
Malicious code in bioql PyPI...
[SECURITY] Fedora 41 Update: libssh-0.11.3-1.fc41
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...
Crypt-SSLeay
This is a Perl module called Crypt::SSLeay, which provides OpenSSL support for LWP Library for WWW in Perl. The module is used to handle SSL/TLS connections and is part of the LWP distribution. The module has a version of 0.7304 and is maintained by A. Sinan Unur, David Landgren, Joshua Chamas, a...
OESA-2025-2131 libssh security update
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...
Linux Distros Unpatched Vulnerability : CVE-2025-5987
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected...
CBL Mariner 2.0 Security Update: libssh (CVE-2025-5987)
The version of libssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5987 advisory. - A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to...
AZL-64794 CVE-2025-5987 affecting package libssh for versions less than 0.10.6-2
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...
CVE-2025-5987
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...
CVE-2025-5987
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...
CVE-2025-5987 Libssh: invalid return code for chacha20 poly1305 with openssl backend
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...
CVE-2025-5987
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...
OPENSUSE-SU-2025:15183-1 libopenssl-3-devel-3.5.0-3.1 on GA media
These are all security issues fixed in the libopenssl-3-devel-3.5.0-3.1 package on the GA media of openSUSE Tumbleweed...
CVE-2020-5992
NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges...
[SECURITY] Fedora 40 Update: openvpn-2.6.14-1.fc40
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...
[SECURITY] Fedora 41 Update: openvpn-2.6.14-1.fc41
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...
haproxy bug fix and enhancement update
An update is available for haproxy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The haproxy packages provide a reliable, high-performance network load balanc...
CVE-2020-36166
An issue was discovered in Veritas InfoScale 7.x through 7.4.2 on Windows, Storage Foundation through 6.1 on Windows, Storage Foundation HA through 6.1 on Windows, and InfoScale Operations Manager aka VIOM Windows Management Server 7.x through 7.4.2. On start-up, it loads the OpenSSL library from...
CVE-2020-36164
An issue was discovered in Veritas Enterprise Vault through 14.0. On start-up, it loads the OpenSSL library. The OpenSSL library then attempts to load the openssl.cnf configuration file which does not exist at the following locations in both the System drive typically C:\ and the product's...
CLSA-2024-1735121358 openssl: Fix of CVE-2024-4603
CVE-2024-4603: Check DSA parameters for excessive sizes before validating...
The vulnerability of the OpenSSL DLL component in the file synchronization and data backup utility Synology Drive Client allows a perpetrator to execute arbitrary code.
The vulnerability of the OpenSSL DLL component in the file synchronization and data backup utility Synology Drive Client is related to manipulation of unknown input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...