Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1.2)

The version of AOS installed on the remote host is prior to 7.5.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1.2 advisory. - LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raste...

ROS-20260420-73-0004

A vulnerability in the PKCS12getfriendlyname function of the OpenSSL library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Security Bulletin: Vulnerability in OpenSSL affects IBM Netezza Appliance

Summary The OpenSSL package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-69419 Vulnerability Details CVEID:CVE-2025-69419 DESCRIPTION: Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString...

Alibaba Cloud Linux 3 : 0041: openssl (ALINUX3-SA-2026:0041)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0041 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-69419: Issue summary: Calling...

SUSE-SU-2026:20349-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

SUSE-SU-2026:0312-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with...

CVE-2025-69419 Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

CVE-2025-69419

CVE-2025-69419 is an OpenSSL vulnerability arising from PKCS12_get_friendlyname() processing of attacker-supplied PKCS#12 BMPString names. The root cause is in OPENSSL_uni2utf8(): during the second pass, bmp_to_utf8() forwards the remaining UTF-16 source byte count as the destination capacity to ...

CVE-2025-69419 Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

CVE-2025-69419

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

Linux Distros Unpatched Vulnerability : CVE-2025-69419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code...