
10044 matches found

EUVD
added 2025/10/15 8:37 p.m., 3 views

EUVD-2025-34677

OpenSearch Data Prepper uses deprecated SSL protocol identifier...

AI score 6.6
Exploits 0 | References 3
Snyk
added 2025/10/15 5:39 p.m., 2 views

Inadequate Encryption Strength

Overview: Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...

CVSS 8.2 | AI score 8.6 | EPSS 0.00681
Exploits 0 | References 2
RedHat Linux
added 2025/10/15 4:18 p.m., 6 views

dotnet: .NET Information Disclosure Vulnerability

A flaw exists in certain .NET builds where a man-in-the-middle (MITM) attacker can prevent or downgrade TLS between a client and an SMTP server. This may cause the client to send credentials or message data over an unencrypted connection, exposing sensitive information to the attacker...

CVSS 5.7 | AI score 5.8 | EPSS 0.00681
Exploits 0 | References 4
RedHat Linux
added 2025/10/15 4:16 p.m., 8 views

dotnet: .NET Information Disclosure Vulnerability

A flaw exists in certain .NET builds where a man-in-the-middle (MITM) attacker can prevent or downgrade TLS between a client and an SMTP server. This may cause the client to send credentials or message data over an unencrypted connection, exposing sensitive information to the attacker...

CVSS 5.7 | AI score 5.8 | EPSS 0.00681
Exploits 0 | References 4
RedhatCVE
added 2025/10/15 3:47 p.m., 4 views

CVE-2024-26008

An improper check or handling of exceptional conditions vulnerability (CWE-703) in FortiOS version 7.4.0 through 7.4.3 and before 7.2.7, FortiProxy version 7.4.0 through 7.4.3 and before 7.2.9, FortiPAM before 1.2.0 and FortiSwitchManager version 7.2.0 through 7.2.3 and version 7.0.0 through 7.0.3...

CVSS 5.3 | AI score 7 | EPSS 0.00434
Exploits 0 | References 1
EUVD
added 2025/10/15 3:30 p.m., 5 views

EUVD-2025-34624

When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 8.7 | AI score 6.3 | EPSS 0.0042
Exploits 0 | References 2
EUVD
added 2025/10/15 3:30 p.m., 10 views

EUVD-2025-34636

Undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. This issue may occur when a Datagram Transport Layer Security (DTLS) 1.2 virtual server is enabled with a Server SSL profile that is configured with a certificate, key, and the SSL Sign Hash set to ANY, and the...

CVSS 8.7 | AI score 6.3 | EPSS 0.00227
Exploits 0 | References 2
Ubuntu
added 2025/10/15 2:36 p.m., 6 views

USN-7801-3: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

CVSS 8.1 | AI score 7 | EPSS 0.00328
Exploits 0
OSV
added 2025/10/15 2:36 p.m., 9 views

USN-7801-3 linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

CVSS 8.1 | AI score 6.3 | EPSS 0.00328
Exploits 0 | References 108
NVD
added 2025/10/15 2:15 p.m., 5 views

CVE-2025-61974

When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 8.7 | EPSS 0.0042
Exploits 0 | References 1
OSV
added 2025/10/15 2:15 p.m., 2 views

CVE-2025-60016

When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions...

CVSS 8.7 | AI score 5.8 | EPSS 0.00405
Exploits 0 | References 1
Cvelist
added 2025/10/15 2:11 p.m., 9 views

CVE-2025-55083 Broken bounds check in _nx_secure_tls_process_clienthello_psk_extension()

In NetX Duo versions before 6.4.4, a component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting in an off-by-two out-of-bounds read...

CVSS 6.9 | EPSS 0.00229
Exploits 0 | References 1
CVE
added 2025/10/15 2:11 p.m., 12 views

CVE-2025-55083

CVE-2025-55083 affects NetX Duo (Eclipse Foundation ThreadX component) in versions before 6.4.4. A bound-check error leads to an out-of-bounds read (two units). Affected scope and impact are stated across multiple sources (NVD, Red Hat, OSV, CVE lists). Root cause: incorrect bound check in the re...

CVSS 6.9 | AI score 6.5 | EPSS 0.00229
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2025/10/15 1:55 p.m., 5 views

CVE-2025-61974 BIG-IP SSL/TLS vulnerability

When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 8.7 | EPSS 0.0042
Exploits 0 | References 1
Vulnrichment
added 2025/10/15 1:55 p.m., 3 views

CVE-2025-61974 BIG-IP SSL/TLS vulnerability

When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

CVSS 8.7 | AI score 6.5 | EPSS 0.0042
Exploits 0 | References 1
Cvelist
added 2025/10/15 1:55 p.m., 8 views

CVE-2025-61951 BIG-IP DTLS 1.2 Vulnerability

Undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. This issue may occur when a Datagram Transport Layer Security (DTLS) 1.2 virtual server is enabled with a Server SSL profile that is configured with a certificate, key, and the SSL Sign Hash set to ANY, and the...

CVSS 8.7 | EPSS 0.00227
Exploits 0 | References 1
Vulnrichment
added 2025/10/15 1:55 p.m., 4 views

CVE-2025-61951 BIG-IP DTLS 1.2 Vulnerability

Undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. This issue may occur when a Datagram Transport Layer Security (DTLS) 1.2 virtual server is enabled with a Server SSL profile that is configured with a certificate, key, and the SSL Sign Hash set to ANY, and the...

CVSS 8.7 | AI score 6.4 | EPSS 0.00227
Exploits 0 | References 1
RedhatCVE
added 2025/10/15 12:47 p.m., 3 views

CVE-2025-55248

A flaw exists in certain .NET builds where a man-in-the-middle (MITM) attacker can prevent or downgrade TLS between a client and an SMTP server. This may cause the client to send credentials or message data over an unencrypted connection, exposing sensitive information to the attacker. Mitigation...

CVSS 8.2 | AI score 8.1 | EPSS 0.00681
Exploits 0 | References 3
F5 Networks
added 2025/10/15 11:16 a.m., 16 views

K000139514: BIG-IP SSL/TLS vulnerability CVE-2025-60016

Security Advisory Description: When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to...

CVSS 8.7 | AI score 7 | EPSS 0.00405
Exploits 0 | Affected Software 14
Vulnrichment
added 2025/10/15 10:46 a.m., 3 views

CVE-2025-55081 Potential out of bound read in _nx_secure_tls_process_clienthello()

In Eclipse Foundation NetX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello() function was missing length verification of certain fields of the SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside o...

CVSS 6.9 | AI score 6.5 | EPSS 0.00337
Exploits 0 | References 1