Linux Distros Unpatched Vulnerability : CVE-2025-3416

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may resu...

Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of "", "." and ".." in some PATH...

SUSE-SU-2025:02837-1 Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of '', '.' and '..' in some PATH...

SUSE: Security Advisory (SUSE-SU-2025:02812-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2023-24010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DD...

Linux Distros Unpatched Vulnerability : CVE-2023-53159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::sethost. CVE-2023-53159 Note that Nessus relie...

Linux Distros Unpatched Vulnerability : CVE-2022-2274

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA...

Photon OS 3.0: Openssl PHSA-2022-3.0-0391

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0391. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2018-20997

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing. CVE-2018-20997 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2021-3711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twic...

Linux Distros Unpatched Vulnerability : CVE-2022-0778

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is...

Linux Distros Unpatched Vulnerability : CVE-2021-3449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the...

SUSE SLES15 Security Update : go1.23-openssl (SUSE-SU-2025:02812-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02812-1 advisory. Updated to go1.23.12 released 2025-08-06 bsc1229122: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS...

PT-2025-39426

Name of the Vulnerable Software and Affected Versions glib-networking affected versions not specified Description The OpenSSL backend within glib-networking does not adequately validate the results of memory allocation operations. A lack of sufficient checks following memory allocation attempts c...

SUSE-SU-2025:02812-1 Security update for go1.23-openssl

This update for go1.23-openssl fixes the following issues: Updated to go1.23.12 released 2025-08-06 bsc1229122: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of '', '.' and '..' in some PATH...

SUSE-SU-2025:02811-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344...

SUSE-SU-2025:02810-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344...

SUSE-SU-2025:02809-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344...

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-5372: sshkdf returns a success code on certain failures bsc1245314 CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend bsc1245317 CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions...

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2023-50782: Implicit rejection in PKCS1 v1.5 bsc1220262 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed fo...