2857 matches found
CVE-2025-15468
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
CVE-2025-15468
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
AZL-75278 CVE-2025-15468 affecting package openssl for versions less than 3.3.5-3
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
CVE-2025-15468 NULL dereference in SSL_CIPHER_find() function on unknown cipher ID
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
CVE-2025-15468
OpenSSL CVE-2025-15468 causes a NULL pointer dereference when SSL_CIPHER_find() processes an unknown cipher ID in QUIC protocol TLS, leading to Denial of Service. Affected: OpenSSL 3.3, 3.4, 3.5, and 3.6 (introduced in 3.2 with QUIC support). Not affected: 3.0, 1.1.1, 1.0.2. Remediation/workaroun...
CVE-2025-15468 NULL dereference in SSL_CIPHER_find() function on unknown cipher ID
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
EUVD-2025-206400
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
CVE-2025-15468
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
CVE-2025-15468
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
CVE-2025-15468
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
CVE-2025-15467 Stack buffer overflow in CMS (Auth)EnvelopedData parsing
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...
CVE-2025-15468
A flaw was found in openssl. A remote attacker could trigger a NULL pointer dereference by sending an unknown or unsupported cipher ID during the client hello callback in applications using the QUIC Quick UDP Internet Connections protocol. This vulnerability, occurring when the SSLCIPHERfind...
OpenSSL 3.4.0 < 3.4.4 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.4.4. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.4.4 advisory. - Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher sui...
UBUNTU-CVE-2025-15468
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
OpenSSL 3.5.0 < 3.5.5 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.5.5 advisory. - Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher sui...
OpenSSL 3.6.0 < 3.6.1 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.6.1 advisory. - Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher sui...
OpenSSL 3.3.0 < 3.3.6 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.3.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.3.6 advisory. - Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher sui...
Linux Distros Unpatched Vulnerability : CVE-2025-15468
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL...
CVE-2025-15468
Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...
OpenSSL security vulnerabilities
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables the implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure has...