148 matches found

OpenVAS
added 2025/10/02 12:0 a.m. | 3 views

SUSE: Security Advisory (SUSE-SU-2025:03438-1)

The remote host is missing an update for the...

CVSS 7.5 | AI score 6.8 | EPSS 0.0177
Exploits 0 | References 4

OSV
added 2025/09/30 2:53 p.m. | 3 views

SUSE-SU-2025:03441-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap (bsc#1250232)...

CVSS 7.5 | AI score 7.1 | EPSS 0.0177
Exploits 0 | References 3

OSV
added 2025/09/30 2:52 p.m. | 5 views

SUSE-SU-2025:03440-1 Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap (bsc#1250232)...

CVSS 7.5 | AI score 6.7 | EPSS 0.0177
Exploits 0 | References 3

OSV
added 2025/09/30 2:37 p.m. | 2 views

SUSE-SU-2025:03437-1 Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap (bsc#1250232)...

CVSS 7.5 | AI score 7.1 | EPSS 0.0177
Exploits 0 | References 3

CNNVD
added 2025/09/19 12:0 a.m. | 3 views

Vasion Print Virtual Appliance Host and Vasion Print Application Security Vulnerability

Vasion Print Virtual Appliance Host and Vasion Print Application are both products of Vasion Corporation of the U.S.A. Vasion Print Virtual Appliance Host is a print management software. Vasion Print Application is a printer management application. A security vulnerability exists in Vasion Print...

CVSS 9.8 | AI score 6.8 | EPSS 0.00898
Exploits 1 | References 5

OSV
added 2025/09/05 12:42 p.m. | 2 views

OESA-2025-2130 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CVSS 8.8 | AI score 6.8 | EPSS 0.00407
Exploits 0 | References 4

Tenable Nessus
added 2025/08/20 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-1434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacke...

CVSS 5.9 | AI score 6.7 | EPSS 0.00969
Exploits 0 | References 2

RedhatCVE
added 2025/07/04 6:1 a.m. | 3 views

CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values, where OpenSSL uses 0 to indicate failure and libssh uses 0 for success, the function may mistakenl...

CVSS 8.8 | AI score 6.2 | EPSS 0.00407
Exploits 0 | References 3

Snyk
added 2025/06/24 12:0 a.m. | 3 views

Use of a Broken or Risky Cryptographic Algorithm

Overview: Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the sshkdf function when built with OpenSSL versions older than 3.0. An attacker can compromise the confidentiality, integrity, and availability of SSH sessions by triggering...

CVSS 8.8 | AI score 7 | EPSS 0.00407
Exploits 0 | References 2

OSV
added 2025/06/13 11:5 a.m. | 2 views

SUSE-SU-2025:20406-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 on PPC arch (bsc#1240366) - CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation (bsc#1236136)...

CVSS 5.3 | AI score 6.7 | EPSS 0.00598
Exploits 0 | References 5

Vulnrichment
added 2025/05/27 4:32 p.m. | 8 views

CVE-2025-48057 Icinga 2 certificate renewal might incorrectly renew an invalid certificate

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...

CVSS 9.3 | AI score 6.7 | EPSS 0.00414
Exploits 0 | References 6

Cvelist
added 2025/05/27 4:32 p.m. | 28 views

CVE-2025-48057 Icinga 2 certificate renewal might incorrectly renew an invalid certificate

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...

CVSS 9.3 | EPSS 0.00414
Exploits 0 | References 6

Positive Technologies
added 2025/05/27 12:0 a.m. | 3 views

PT-2025-22986

Name of the Vulnerable Software and Affected Versions: Icinga 2 versions prior to 2.12.12; Icinga 2 versions prior to 2.13.12; Icinga 2 versions prior to 2.14.6. Description: The issue affects Icinga 2, a monitoring system that checks network resource availability and generates performance data. It...

CVSS 9.8 | AI score 8.7 | EPSS 0.02934
Exploits 1 | References 37

OpenVAS
added 2025/05/23 12:0 a.m. | 16 views

OpenSSL x509 Vulnerability (20250522) - Linux

OpenSSL is prone to a vulnerability in the x509 application. ...

CVSS 6.5 | AI score 6.2 | EPSS 0.00294
Exploits 0 | References 2

OSV
added 2025/05/07 5:32 p.m. | 9 views

GHSA-72QJ-48G4-5XGX JRuby-OpenSSL has hostname verification disabled by default

Summary: When verifying SSL certificates, jruby-openssl is not verifying that the hostname presented in the certificate matches the one we are trying to connect to, meaning a MITM could just present any valid cert for a completely different domain they own, and JRuby wouldn't complain. Details: n/a...

CVSS 7.1 | AI score 6.9 | EPSS 0.0016
Exploits 1 | References 6

Tenable Product Security Advisories
added 2025/04/30 4:50 p.m. | 7 views

[R2] Sensor Proxy Version 1.2.0 Fixes Multiple Vulnerabilities

[R2] Sensor Proxy Version 1.2.0 Fixes Multiple Vulnerabilities. Arnie Cabral, Wed, 04/30/2025 - 12:50. Sensor Proxy leverages third-party software to help provide underlying functionality. Several of the third-party components (OpenSSL, Go) were found to contain vulnerabilities, and updated versions hav...

AI score 7.6
Exploits 0

CBLMariner
added 2025/03/13 9:13 p.m. | 7 views

CVE-2024-13176 affecting package openssl for versions less than 3.3.3-1

CVE-2024-13176 affecting package openssl for versions less than 3.3.3-1. An upgraded version of the package is available that resolves this issue...

CVSS 4.1 | AI score 4.5 | EPSS 0.00598
Exploits 0

NVD
added 2025/02/11 4:15 p.m. | 21 views

CVE-2024-12797

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys m...

CVSS 6.3 | EPSS 0.02357
Exploits 0 | References 7

CVE
added 2025/02/11 3:59 p.m. | 360 views

CVE-2024-12797

CVE-2024-12797 concerns OpenSSL’s RFC7250 Raw Public Keys (RPKs) handling. The issue occurs in TLS/DTLS when a client enables server-side RPKs and the server selects an RPK instead of an X.509 chain, plus the client’s SSL_VERIFY_PEER mode; in such cases the handshake may not abort as expected, le...

CVSS 6.3 | AI score 4.4 | EPSS 0.02357
Exploits 0 | References 7

RedhatCVE
added 2025/02/06 1:48 a.m. | 9 views

CVE-2022-43507

Improper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may allow a privileged user to potentially enable escalation of privilege via network access...

CVSS 8.8 | AI score 7.2 | EPSS 0.00611
Exploits 0 | References 1