CVE-2026-42015

A flaw was found in gnutls. An off-by-one error exists in the PKCS12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of...

RockyLinux 8 : openssl (RLSA-2026:3042)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:3042 advisory. openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419 Tenable has extracted the preceding description block...

openssl security update

An update is available for openssl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transpo...

MiracleLinux 8 : openssl-1.1.1k-15.el8_6 (AXSA:2026-218:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-218:06 advisory. openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419 Tenable has extracted the preceding description bloc...

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

A flaw was found in OpenSSL. When processing a specially crafted PKCS12 Personal Information Exchange Syntax Standard file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSLuni2utf8 function, leads to memory corruption by writing data...

openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

A flaw was found in OpenSSL. This vulnerability allows a remote attacker to trigger a Denial of Service DoS by providing a specially crafted, malformed PKCS12 file to an application that processes it. The flaw occurs due to a NULL pointer dereference in the PKCS12itemdecryptd2iex function when...

EUVD-2016-9065

Malware in sbrugna...

EUVD-2018-0124

Malware in sbrugna...

EUVD-2012-2197

Malware in sbrugna...

EUVD-2022-5823

Malicious code in bioql PyPI...

EUVD-2023-12784

Malicious code in bioql PyPI...

TencentOS Server 4: nss (TSSA-2024:0636)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0636 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Mitsubishi Electric MELSEC iQ-F FX5-OPC Denial of Service (CVE-2024-0727)

A Denial-of-Service DoS vulnerability due to NULL Pointer Dereference when processing PKCS12 format certificate exists in OpenSSL installed on MELSEC iQ-F OPC UA Unit. Because OpenSSL does not correctly check if a certain field in the PKCS12 format certificate is NULL, a NULL pointer dereference...

Mitsubishi Electric MELSEC iQ-F FX5-OPC

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-F FX5-OPC Vulnerability : NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to...

nss bug fix and enhancement update

An update is available for nss. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Network Security Services NSS is a set of libraries designed to support the...

Moderate: Red Hat Bug Fix Advisory: nss bug fix and enhancement update

An update for nss is now available for Red Hat Enterprise Linux 9.2 Extended Update Support and Red Hat Enterprise Linux 9. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Bug Fixes and...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.423)

The version of AHV installed on the remote host is prior to 20220304.423. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.423 advisory. - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via...

[SECURITY] Fedora 40 Update: nss-3.103.0-1.fc40

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

Ubuntu: Security Advisory (USN-6673-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6673-3: python-cryptography vulnerability

USN-6673-1 provided a security update for python-cryptography. This update provides the corresponding update for Ubuntu 24.04 LTS. Original advisory details: It was discovered that python-cryptography incorrectly handled memory operations when processing mismatched PKCS12 keys. A remote attacker...