Fedora 43 : bpfman (2025-e67231423f)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e67231423f advisory. This update fixes CVE-2025-0977 RUSTSEC-2025-0004, a use-after-free vulnerability in the Rust openssl crate's ssl::selectnextproto function. The openssl crat...

OESA-2025-2637 python3 security update

Security Fixes: CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity d...

SUSE SLES15: libqat4 / libqatzip3 / libusdm0 / qatengine / qatlib / qatlib-devel / etc (SUSE-SU-2025:3943-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3943-1 advisory. Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365...

SUSE SLES15: libqat4 / libqatzip3 / libusdm0 / qatengine / qatlib / qatlib-devel / etc (SUSE-SU-2025:3942-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3942-1 advisory. Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365...

SUSE SLES15 Security Update : openssl-3-livepatches (SUSE-SU-2025:3917-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:3917-1 advisory. - livepatch for CVE-2025-9230: Out-of-bounds read & write in RFC 3211 KEK Unwrap bsc1250410. Tenable has extracted the preceding description block...

Security update for qatengine, qatlib

This update for qatengine, qatlib fixes the following issues: Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365 CVE-2024-31074 bsc1233366 CVE-2024-33617 Update to 1.7.0: ipp-crypto name change to cryptography-primitives QATSW G...

Security update for qatengine, qatlib

This update for qatengine, qatlib fixes the following issues: Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365 CVE-2024-31074 bsc1233366 CVE-2024-33617 Update to 1.7.0: ipp-crypto name change to cryptography-primitives QATSW G...

SUSE-SU-2025:3942-1 Security update for qatengine, qatlib

This update for qatengine, qatlib fixes the following issues: Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities: bsc1233363 CVE-2024-28885 bsc1233365 CVE-2024-31074 bsc1233366 CVE-2024-33617 Update to 1.7.0: ipp-crypto name change to cryptography-primitives QATSW G...

Security update for openssl-3-livepatches

This update for openssl-3-livepatches fixes the following issues: livepatch for CVE-2025-9230: Out-of-bounds read & write in RFC 3211 KEK Unwrap bsc1250410. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2025:3917-1 Security update for openssl-3-livepatches

This update for openssl-3-livepatches fixes the following issues: - livepatch for CVE-2025-9230: Out-of-bounds read & write in RFC 3211 KEK Unwrap bsc1250410...

Astra Linux – Vulnerability in OpenSSL

Issue summary: An application attempting to decrypt messages encrypted using password-based encryption in CMS can trigger an out-of-bounds read and write attack. Impact summary: This out-of-bounds read attack may cause a system crash, leading to a denial of service for the application. The...

Alibaba Cloud Workspace Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Alibaba Cloud Workspace Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Fedora: Security Advisory (FEDORA-2025-e385cbedb5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-ea58b959cd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-4d34c066a1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-20251028-08

A vulnerability in the NetworkPkg/IScsiDxe/IScsiProto.c component of the EDK2 development environment for UEFI applications is associated with an with integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to compromise the integrity of the component. remotely...

[SECURITY] Fedora 43 Update: openssl-3.5.4-1.fc43

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

Fedora 43 : openssl (2025-4d34c066a1)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4d34c066a1 advisory. Rebase to OpenSSL 3.5.4, resolving CVE-2025-9230 and CVE-2025-9232 Tenable has extracted the preceding description block directly from the Fedora...

Security update for afterburn

This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...

Security update for afterburn

This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...