RHEL 9 : python3.12-cryptography (RHSA-2025:7317)
The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7317 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
Alibaba Cloud Linux 3 : 0073: compat-openssl10 (ALINUX3-SA-2025:0073)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0073 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-0286: There is a type confusion...
ABB M2M Gateway Information Disclosure in embedded OpenSSL (CVE-2013-0169)
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...
RHEL 9 : compat-openssl11 (RHSA-2025:7937)
The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7937 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the...
Fedora: Security Advisory (FEDORA-2025-a13867ecbc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Fedora: Security Advisory (FEDORA-2025-e0e44b1b98)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2025-c263d3ebd9)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2024-7d5c1bcc78)
The remote host is missing an update for the...
Debian: Security Advisory (DLA-4176-1)
The remote host is missing an update for the Debian...
Debian dla-4176 : libcrypto1.1-udeb - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4176 advisory. Debian LTS Advisory DLA-4176-1 https://www.debian.org/lts/security/...
[SECURITY] [DLA 4176-1] openssl security update
Debian LTS Advisory DLA-4176-1 https://www.debian.org/lts/security/ Adrian Bunk May 24, 2025 https://wiki.debian.org/LTS...
SUSE CVE-2025-4575
Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. A copy & paste...
DLA-4176-1 openssl - security update
Bulletin has no description...
Security update for python311
This update for python311 fixes the following issues: Updated to 3.11.12: gh-131809: Updated bundled libexpat to 2.7.1; gh-131261: Upgraded to libexpat 2.7.0; CVE-2025-0938: Fixed functions urllib.parse.urlsplit and urlparse accepting domain names including square brackets (bsc#1236705); gh-121284: Fix...
CVE-2024-45238
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. OpenSSL does not report this problem during parsin...
Security update for s390-tools
This update for s390-tools fixes the following issues: Revendored vendor.tar.zst; CVE-2025-3416: Fixed use-after-free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242622); Added the new IBM z17 9175 processor type. The package is built with the new 4096-bit RSA secure boot signing key. Pat...
SUSE-SU-2025:20352-1 Security update for s390-tools
This update for s390-tools fixes the following issues: - CVE-2025-3416: s390-tools: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242622) - Amended the .spec file - Updated the 'service' file - Removed the obsolete file 'cargoconfig' - Updated 'cputype' and...
Security update for s390-tools
This update for s390-tools fixes the following issues: CVE-2025-3416: s390-tools: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242622); Amended the .spec file; Updated the 'service' file; Removed the obsolete file 'cargoconfig'; Updated 'cputype' and...
CVE-2024-28885
Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access...
CVE-2024-41594
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL...