openssl security update

1.0.2k-26.0.1fips - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison Orabug: 32467026 - Add DH support changes for SP 800-56A rev3 requirements Orabug: 32467059 - Add TLS KDF self-test Orabug: 32467193 - Add EC keys pairwise consistency test Orabug: 32467059...

go-toolset:ol8 security and bug fix update

go-toolset 1.11.13-1 - Bump version to 1.11.13 - Related: rhbz1743204 - Related: rhbz1743206 golang 1.11.13-2 - Improve error message when using non-FIPS API in FIPS mode. - Fixes CVE-2019-9512. - Fixes CVE-2019-9514. - Resolves: rhbz1745711 - Resolves: rhbz1745705 1.11.6-3 - Updates to be less...

Exploit for XML Entity Expansion in Cisco Secure_Endpoint

CVE-2023-20052 Exploit - Fixed Build Fixed Docker build for C...

SUSE SLES11 Security Update : openssl1 (SUSE-SU-2026:0498-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0498-1 advisory. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69420: Missing ASN1TYPE validation in...

CLSA-2026-1770820922 openssl: Fix of CVE-2025-69421

CVE-2025-69421: fix NULL dereference in PKCS12itemdecryptd2iex...

CLSA-2026-1771004260 openssl: Fix of CVE-2025-69421

CVE-2025-69421: fix NULL dereference in PKCS12itemdecryptd2iex...

CLSA-2026-1771003612 openssl: Fix of CVE-2025-69421

CVE-2025-69421: fix NULL dereference in PKCS12itemdecryptd2iex...

CLSA-2026-1771003241 openssl: Fix of CVE-2025-69421

CVE-2025-69421: fix NULL dereference in PKCS12itemdecryptd2iex...

Security update for curl

This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. CVE-2025-14524: bearer token leak on cross-protocol redirect bsc1255731. CVE-2025-14819: libssh global knownhost override bsc1255732. CVE-2025-15079: libssh key passphrase bypa...

SUSE-SU-2026:0498-1 Security update for openssl1

This update for openssl1 fixes the following issues: - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. - CVE-2025-69421: NULL Pointer Dereference in...

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2025-68160)

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out- of-bounds write can cause memory corruption which typically results in a crash, leading...

Siemens SIMATIC S7-1500 Improper Check for Unusual or Exceptional Conditions (CVE-2026-22796)

Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS7 data where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS7 data. Impact summary: An application...

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2025-69419)

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

📄 OpenSSL 3.x PKCS#12 PBMAC1 KeyLength Buffer Overflow

This proof of concept demonstrates a buffer overflow vulnerability in OpenSSL versions 3.4 to 3.6 related to improper handling of the PBMAC1 keyLength parameter in PKCS12 files. By crafting a malicious PKCS12 structure with an excessively large keyLength value, the proof of concept triggers a...

Oracle Linux 7 : openssl (ELSA-2026-1720)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1720 advisory. 1:1.0.2k-26.0.1 - Fixes CVE-2025-9230 Fix incorrect check of unwrapped key size Orabug: 38916245 Tenable has extracted the preceding description block directly...

Siemens SIMATIC S7-1500 Missing Cryptographic Step (CVE-2025-69418)

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

Siemens SIMATIC S7-1500 Improper Check for Unusual or Exceptional Conditions (CVE-2025-69420)

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...

SUSE-SU-2026:20349-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

[SECURITY] Fedora 43 Update: osslsigncode-2.12-1.fc43

osslsigncode is a small tool that implements part of the functionality of the Microsoft tool signtool.exe - more exactly the Authenticode signing and timestamping. But osslsigncode is based on OpenSSL and cURL, and thus should be able to compile on most platforms where these exist...

TestSSL 3.2.3

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...