
1572 matches found

Tenable Nessus
added 2025/11/25 12:0 a.m. | 3 views

RockyLinux 10 : openssl (RLSA-2025:21248)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21248 advisory. openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Tenable has extracted the preceding description block directly from the RockyLinux...

CVSS 7.5 | AI score 6.5 | EPSS 0.01744
Exploits: 0 | References: 3

Tenable Nessus
added 2025/11/25 12:0 a.m. | 5 views

AlmaLinux 10 : openssl (ALSA-2025:21248)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21248 advisory. openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Tenable has extracted the preceding description block directly from the AlmaLinux securi...

CVSS 7.5 | AI score 6.5 | EPSS 0.01744
Exploits: 0 | References: 3

Tenable Nessus
added 2025/11/25 12:0 a.m. | 5 views

Oracle Linux 9 : openssl (ELSA-2025-28011)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-28011 advisory. - Fix CVE-2025-9230 Resolves: RHEL-115929 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

CVSS 7.5 | AI score 6.3 | EPSS 0.01744
Exploits: 0 | References: 2

Tenable Nessus
added 2025/11/20 12:0 a.m. | 7 views

TencentOS Server 4: openssl (TSSA-2024:0289)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0289 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 9.1 | AI score 7.6 | EPSS 0.05582
Exploits: 1 | References: 2

Tenable Nessus
added 2025/11/20 12:0 a.m. | 7 views

TencentOS Server 4: openssl (TSSA-2024:0596)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0596 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 6.5 | AI score 6.8 | EPSS 0.03174
Exploits: 0 | References: 4

IBM Security Bulletins
added 2025/11/19 3:6 p.m. | 7 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM DevOps Code ClearCase

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM DevOps Code ClearCase. CVE-2025-9230 , CVE-2025-9232 Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based...

CVSS 7.5 | AI score 7.4 | EPSS 0.02016
Exploits: 0 | Affected Software: 1

CBLMariner
added 2025/11/17 8:45 p.m. | 4 views

CVE-2025-9230 affecting package openssl for versions less than 1.1.1k-37

CVE-2025-9230 affecting package openssl for versions less than 1.1.1k-37. A patched version of the package is available...

CVSS 7.5 | AI score 6.9 | EPSS 0.01744
Exploits: 0

Tenable Nessus
added 2025/11/17 12:0 a.m. | 2 views

RHEL 9 : openssl (RHSA-2025:21562)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21562 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

CVSS 7.5 | AI score 6.6 | EPSS 0.01744
Exploits: 0 | References: 5

Tenable Nessus
added 2025/11/13 12:0 a.m. | 5 views

Siemens SIMATIC S7-1500 (CVE-2023-4807)

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...

CVSS 7.8 | AI score 6.9 | EPSS 0.00862
Exploits: 0 | References: 11

Redos
added 2025/11/12 12:0 a.m. | 5 views

ROS-20251112-03

A vulnerability in the OpenSSL cryptographic library is related to the use of a non-standard option SSL_OP_NO_TICKET, in which the session cache continues to grow indefinitely. Exploiting the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 5.9 | AI score 6.5 | EPSS 0.54026
Exploits: 0

OSV
added 2025/11/07 12:31 p.m. | 4 views

OESA-2025-2637 python3 security update

Security Fixes: CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.set_npn_protocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity d...

CVSS 6.5 | AI score 6.9 | EPSS 0.00744
Exploits: 0 | References: 2

SUSE Linux
added 2025/10/24 1:28 p.m. | 4 views

Security update for afterburn

This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...

CVSS 8.4 | AI score 6.8 | EPSS 0.1446
Exploits: 2 | References: 20

OSV
added 2025/10/24 1:28 p.m. | 3 views

SUSE-SU-2025:3784-1 Security update for afterburn

This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: - CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...

CVSS 8.8 | AI score 6.8 | EPSS 0.1446
Exploits: 2 | References: 11

SUSE Linux
added 2025/10/24 1:28 p.m. | 2 views

Security update for afterburn

This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...

CVSS 8.4 | AI score 6.8 | EPSS 0.1446
Exploits: 2 | References: 20

SUSE Linux
added 2025/10/23 1:45 p.m. | 3 views

Security update for openssl-1_1-livepatches

This update for openssl-1_1-livepatches fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250410. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 7.7 | AI score 7 | EPSS 0.01744
Exploits: 0 | References: 4

Tenable Nessus
added 2025/10/23 12:0 a.m. | 4 views

Slackware Linux 15.0 openssl Vulnerability (SSA:2025-296-01)

The version of openssl installed on the remote host is prior to 1.1.1zd. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-296-01 advisory. New openssl packages are available for Slackware 15.0 to fix a security issue. Tenable has extracted the preceding description bloc...

CVSS 7.5 | AI score 6.3 | EPSS 0.01744
Exploits: 0 | References: 2

IBM Security Bulletins
added 2025/10/22 11:0 a.m. | 6 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in cryptography-44.0.0-cp37-abi3-macosx_10_9_universal2.whl

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in cryptography-44.0.0-cp37-abi3-macosx_10_9_universal2.whl Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fa...

CVSS 6.3 | AI score 7 | EPSS 0.02357
Exploits: 0 | Affected Software: 1

Tenable Nessus
added 2025/10/21 12:0 a.m. | 2 views

SUSE SLED15: libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-32bit / etc (SUSE-SU-2025:03635-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03635-1 advisory. - CVE-2025-9230: fixed out of bounds read and write in RFC 3211 KEK unwrap bsc1250232 Tenable has extracted the...

CVSS 7.5 | AI score 6.7 | EPSS 0.01744
Exploits: 0 | References: 4

OSV
added 2025/10/14 9:24 a.m. | 4 views

BIT-LIBPYTHON-2024-5642 Buffer overread when using an empty list with SSLContext.set_npn_protocols()

CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.set_npn_protocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being...

CVSS 9.1 | AI score 8.7 | EPSS 0.05582
Exploits: 1 | References: 9

OpenVAS
added 2025/10/13 12:0 a.m. | 3 views

Fedora: Security Advisory (FEDORA-2025-e6f76d56fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.8 | EPSS 0.02234
Exploits: 0 | References: 2