1572 matches found
RockyLinux 10 : openssl (RLSA-2025:21248)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21248 advisory. openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Tenable has extracted the preceding description block directly from the RockyLinux...
AlmaLinux 10 : openssl (ALSA-2025:21248)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21248 advisory. openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Tenable has extracted the preceding description block directly from the AlmaLinux securi...
Oracle Linux 9 : openssl (ELSA-2025-28011)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-28011 advisory. - Fix CVE-2025-9230 Resolves: RHEL-115929 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
TencentOS Server 4: openssl (TSSA-2024:0289)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0289 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: openssl (TSSA-2024:0596)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0596 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM DevOps Code ClearCase
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM DevOps Code ClearCase. CVE-2025-9230 , CVE-2025-9232 Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based...
CVE-2025-9230 affecting package openssl for versions less than 1.1.1k-37
CVE-2025-9230 affecting package openssl for versions less than 1.1.1k-37. A patched version of the package is available...
RHEL 9 : openssl (RHSA-2025:21562)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21562 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
Siemens SIMATIC S7-1500 (CVE-2023-4807)
Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...
ROS-20251112-03
A vulnerability in the OpenSSL cryptographic library is related to the use of a non-standard option SSLOPNOTICKET, in which the session cache continues to grow indefinitely. Exploiting the vulnerability could Allow an attacker acting remotely to cause a denial of service...
OESA-2025-2637 python3 security update
Security Fixes: CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity d...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
SUSE-SU-2025:3784-1 Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: - CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
Security update for openssl-1_1-livepatches
This update for openssl-11-livepatches fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250410. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Slackware Linux 15.0 openssl Vulnerability (SSA:2025-296-01)
The version of openssl installed on the remote host is prior to 1.1.1zd. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-296-01 advisory. New openssl packages are available for Slackware 15.0 to fix a security issue. Tenable has extracted the preceding description bloc...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in cryptography-44.0.0-cp37-abi3-macosx_10_9_universal2.whl
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in cryptography-44.0.0-cp37-abi3-macosx109universal2.whl Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fa...
SUSE SLED15: libopenssl-1_1-devel / libopenssl1_1 / libopenssl1_1-32bit / etc (SUSE-SU-2025:03635-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03635-1 advisory. - CVE-2025-9230: fixed out of bounds read and write in RFC 3211 KEK unwrap bsc1250232 Tenable has extracted the...
BIT-LIBPYTHON-2024-5642 Buffer overread when using an empty list with SSLContext.set_npn_protocols()
CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being...
Fedora: Security Advisory (FEDORA-2025-e6f76d56fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...