SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2025:03463-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:03463-1 advisory. - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Tenable has extracted the...

SUSE CVE-2022-23560

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

OESA-2022-1719 e2fsprogs security update

The e2fsprogs package consists of a lot of tools for users to create, check, modify, and correct any inconsistencies in second extended file system. Security Fixes: An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly...

AZL-9596 CVE-2022-29968 affecting package kernel for versions less than 5.15.37.1-2

An issue was discovered in the Linux kernel through 5.17.5. iorwinitfile in fs/iouring.c lacks initialization of kiocb-private...

openssl: Read/write after SSL object in error state

OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the...

ALPINE-CVE-2017-3737

OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the...