23280 matches found
OESA-2026-1465 openssl security update
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes c...
OESA-2026-1464 openssl security update
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes c...
CVE-2026-24695
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into OpenSSL argument fields within requests sent to the utility route, leading to remote code executio...
SUSE SLES15 Security Update : snpguest (SUSE-SU-2026:0620-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0620-1 advisory. Update to version 0.10.0. Security issues fixed: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser...
EUVD-2026-8953
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into OpenSSL argument fields within requests sent to the utility route, leading to remote code executio...
CVE-2026-24695
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into OpenSSL argument fields within requests sent to the utility route, leading to remote code executio...
CVE-2026-24695
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into OpenSSL argument fields within requests sent to the utility route, leading to remote code executio...
CVE-2026-24695
Summary: CVE-2026-24695 affects XWEB Pro (pre-1.12.1). An authenticated attacker can trigger an OS command injection to achieve remote code execution by injecting malicious input into OpenSSL argument fields in requests to the utility route. Impact is described as remote code execution with high ...
CVE-2026-24695 Copeland XWEB and XWEB Pro OS Command Injection
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into OpenSSL argument fields within requests sent to the utility route, leading to remote code executio...
CVE-2026-24695 Copeland XWEB and XWEB Pro OS Command Injection
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into OpenSSL argument fields within requests sent to the utility route, leading to remote code executio...
CVE-2026-24695
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into OpenSSL argument fields within requests sent to the utility route, leading to remote code executio...
MiracleLinux 8 : openssl-1.1.1k-15.el8_6 (AXSA:2026-218:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-218:06 advisory. openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419 Tenable has extracted the preceding description bloc...
PT-2026-22258
Name of the Vulnerable Software and Affected Versions XWEB Pro versions prior to 1.12.1 Description A flaw exists that allows a logged-in attacker to execute code remotely on a system. This is achieved by injecting harmful input into OpenSSL argument fields within requests sent to the utility...
RockyLinux 9 : edk2 (RLSA-2026:2776)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:2776 advisory. openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 Tenable has extracted the preceding description block directly from the RockyLinux securi...
Moderate: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
A flaw was found in OpenSSL. When processing a specially crafted PKCS12 Personal Information Exchange Syntax Standard file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSLuni2utf8 function, leads to memory corruption by writing data...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.62 bug fix and security update
Red Hat OpenShift Container Platform release 4.14.62 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...
CLSA-2026-1772112014 openssl: Fix of CVE-2025-66199
CVE-2025-66199: validate uncompressed certificate length to prevent large pre-decompression allocation...
CLSA-2026-1772102739 openssl: Fix of CVE-2025-69419
CVE-2025-69419: fix one-byte write-before-buffer triggered by malicious PKCS12 BMPString containing non-ASCII BMP code point; validate UTF8putc return and use correct destination capacity during conversion from UTF-16BE into UTF-8...
RHSA-2026:3364 Red Hat Security Advisory: openssl security update
Bulletin has no description...