23280 matches found

OSV
added 2026/02/26 9:38 a.m., 5 views

CLSA-2026-1772098723 openssl: Fix of CVE-2025-69419

CVE-2025-69419: fix one-byte write-before-buffer triggered by malicious PKCS12 BMPString containing non-ASCII BMP code point; validate UTF8_putc return and use correct destination capacity during conversion from UTF-16BE into UTF-8...

CVSS 7.4, AI score 5.9, EPSS 0.00444
Exploits: 1, References: 1

IBM Security Bulletins
added 2026/02/26 4:30 a.m., 9 views

Security Bulletin: IBM Security Verify Governance has multiple vulnerabilities

Summary Multiple security vulnerabilities in the dependent components have been addressed in the latest update to IBM Security Verify Governance. Vulnerability Details CVEID:CVE-2025-39697 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updati...

CVSS 9.1, AI score 7, EPSS 0.09353
Exploits: 3, Affected Software: 1

Oracle linux
added 2026/02/26 12:00 a.m., 13 views

openssl security update

1:1.1.1k-15 - Fix CVE-2025-69419: Arbitrary code execution due to out-of-bounds write in PKCS12 processing ticketlifetimehint exceed 1 week in TLSv1.3 and breaks compliant clients Resolves: RHEL-149165 Resolves: RHEL-142715 1:1.1.1k-14.1 - Backport fix for openssl: Out-of-bounds read & write in R...

CVSS 7.4, AI score 6.1, EPSS 0.05582
Exploits: 2

RedHat Linux
added 2026/02/25 3:55 p.m., 4 views

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

A flaw was found in OpenSSL. When processing a specially crafted PKCS12 Personal Information Exchange Syntax Standard file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSL_uni2utf8 function, leads to memory corruption by writing data...

CVSS 7.4, AI score 6, EPSS 0.00444
Exploits: 1, References: 4

RedHat Linux
added 2026/02/25 3:55 p.m., 5 views

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syst...

CVSS 7.4, AI score 7.1, EPSS 0.00444
Exploits: 1, References: 2

Zero Day Initiative
added 2026/02/25 12:00 a.m., 7 views

Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Siemens SINEC NMS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration ...

CVSS 7.8, AI score 6.1, EPSS 0.00238
Exploits: 0, References: 1

Zero Day Initiative
added 2026/02/25 12:00 a.m., 6 views

Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Siemens SINEC NMS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration ...

CVSS 7.8, AI score 6.1, EPSS 0.00238
Exploits: 0, References: 1

Rockylinux
added 2026/02/24 6:43 p.m., 7 views

edk2 security update

An update is available for edk2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list EDK Embedded Development Kit is a project to enable UEFI support for Virtual...

CVSS 7.5, AI score 5.7, EPSS 0.0177
Exploits: 0

OSV
added 2026/02/24 5:49 p.m., 5 views

CLSA-2026-1771955371 openssl: Fix of CVE-2025-69419

CVE-2025-69419: fix one-byte write-before-buffer triggered by malicious PKCS12 BMPString containing non-ASCII BMP code point; validate UTF8_putc return and use correct destination capacity during conversion from UTF-16BE into UTF-8...

CVSS 7.4, AI score 7.2, EPSS 0.00444
Exploits: 1, References: 1

CBLMariner
added 2026/02/24 5:36 p.m., 4 views

CVE-2025-69420 affecting package openssl for versions less than 1.1.1k-38

CVE-2025-69420 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...

CVSS 7.5, AI score 5.4, EPSS 0.00768
Exploits: 1

CBLMariner
added 2026/02/24 5:36 p.m., 3 views

CVE-2025-69419 affecting package openssl for versions less than 1.1.1k-38

CVE-2025-69419 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...

CVSS 7.4, AI score 6.5, EPSS 0.00444
Exploits: 1

CBLMariner
added 2026/02/24 5:36 p.m., 5 views

CVE-2025-69418 affecting package openssl for versions less than 1.1.1k-38

CVE-2025-69418 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...

CVSS 4, AI score 5.4, EPSS 0.00115
Exploits: 1

CBLMariner
added 2026/02/24 5:36 p.m., 5 views

CVE-2025-68160 affecting package openssl for versions less than 1.1.1k-38

CVE-2025-68160 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...

CVSS 4.7, AI score 5.4, EPSS 0.00152
Exploits: 1

CBLMariner
added 2026/02/24 5:36 p.m., 2 views

CVE-2026-22795 affecting package openssl for versions less than 1.1.1k-38

CVE-2026-22795 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...

CVSS 5.5, AI score 5.8, EPSS 0.00144
Exploits: 1

CBLMariner
added 2026/02/24 5:36 p.m., 2 views

CVE-2026-22796 affecting package openssl for versions less than 1.1.1k-38

CVE-2026-22796 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...

CVSS 5.3, AI score 5.8, EPSS 0.00502
Exploits: 1

OSV
added 2026/02/24 4:36 p.m., 4 views

SUSE-SU-2026:0620-1 Security update for snpguest

This update for snpguest fixes the following issues: Update to version 0.10.0. Security issues fixed: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257927. - CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch...

CVSS 8.8, AI score 5.6, EPSS 0.00426
Exploits: 1, References: 8

Debian
added 2026/02/24 8:55 a.m., 9 views

[SECURITY] [DLA 4490-1] openssl security update

Debian LTS Advisory DLA-4490-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson February 23, 2026 https://wiki.debian.org/LTS Package : openssl Version : 1.1.1w-0+deb11u5 CVE ID : CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421...

CVSS 7.5, AI score 6.6, EPSS 0.00844
Exploits: 1

Tenable Nessus
added 2026/02/24 12:00 a.m., 7 views

Debian dla-4490 : libcrypto1.1-udeb - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4490 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4490-1 [email protected]...

CVSS 7.5, AI score 6.8, EPSS 0.00844
Exploits: 1, References: 16

OpenVAS
added 2026/02/24 12:00 a.m., 5 views

Debian: Security Advisory (DLA-4490-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 5.4, EPSS 0.00844
Exploits: 1, References: 2

Tenable Nessus
added 2026/02/24 12:00 a.m., 11 views

Oracle Linux 8 : openssl (ELSA-2026-3042)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3042 advisory. - Fix CVE-2025-69419: Arbitrary code execution due to out-of-bounds write in PKCS12 processing ticketlifetimehint exceed 1 week in TLSv1.3 and breaks compliant...

CVSS 7.4, AI score 7.5, EPSS 0.00444
Exploits: 1, References: 2