1607 matches found
poc-scaner
Java POC Scanner A powerful graphical POC Proof of Concept...
SUSE CVE-2025-9232
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
Linux Distros Unpatched Vulnerability : CVE-2025-9232
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the...
OpenSSL DoS Vulnerability (20250930, CVE-2025-9232) - Linux
OpenSSL is prone to a denial of service DoS vulnerability due to an out-of-bounds read in HTTP client noproxy handling. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
OpenSSL DoS Vulnerability (20250930, CVE-2025-9232) - Windows
OpenSSL is prone to a denial of service DoS vulnerability due to an out-of-bounds read in HTTP client noproxy handling. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
OpenSSL 3.2.0 < 3.2.6 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.2.6 advisory. - Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to a missing NULL byte termination after strncpy call. An attacker can cause a crash and disrupt application availability by triggering an out-of-bounds read if API functions of OpenSSL HTTP client are used while...
ALPINE-CVE-2025-9232
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
AZL-78588 CVE-2025-9232 affecting package openssl-fips-provider 3.1.2-1
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
CVE-2025-9232
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
CVE-2025-9232
CVE-2025-9232 involves OpenSSL HTTP client API functions; the vulnerability is an out-of-bounds read when the environment variable no_proxy is set and the URL’s authority host is IPv6, causing potential Denial of Service via a crash. The issue is rooted in HTTP client handling introduced in patch...
CVE-2025-9232 Out-of-bounds read in HTTP client no_proxy handling
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
OpenSSL 安全漏洞
OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols from the OpenSSL team. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...
FreeBSD Security Advisory - FreeBSD-SA-25:08.openssl
FreeBSD Security Advisory - FreeBSD includes software from the OpenSSL Project. OpenSSL suffers from some new vulnerabilities. An application trying to decrypt cryptographic message syntax CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. A timing...
FreeBSD-SA-25:08.openssl
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-25:08.openssl Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in OpenSSL Category: contrib Module: openssl Announced: 2025-09-30 Credits:...
UBUNTU-CVE-2025-9232
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
CVE-2025-46408
An issue was discovered in the methods push.lite.avtech.com.AvtechLib.GetHttpsResponse and push.lite.avtech.com.PushHttpService.getNewHttpClient in AVTECH EagleEyes 2.0.0. The methods set ALLOWALLHOSTNAMEVERIFIER, bypassing domain validation...
Huawei EulerOS: Security Advisory for libsoup (EulerOS-SA-2025-2136)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP13 : libsoup (EulerOS-SA-2025-2146)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receiv...
EulerOS 2.0 SP12 : libsoup (EulerOS-SA-2025-2046)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receiv...