92 matches found
RockyLinux 10 : httpd (RLSA-2025:15095)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:15095 advisory. httpd: insufficient escaping of user-supplied data in mod_ssl (CVE-2024-47252) httpd: mod_ssl: access control bypass by trusted clients is possible using T...
EUVD-2025-31120
Malicious code in bioql PyPI...
openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow
A flaw was found in OpenSSL, which caused the generation or checking of long X9.42 DH keys or parameters to be much slower than expected. This issue could lead to a denial of service...
UBUNTU-CVE-2023-2975
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misl...
DEBIAN-CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...
Information disclosure
For MongoDB Ops Manager versions prior to and including 4.2.24 with multiple OM application servers, that have SSL turned on for their MongoDB processes, the upgrade to MongoDB Ops Manager versions prior to and including 4.4.12 triggers a bug where Automation thinks SSL is being turned off, and c...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-1546)
The remote host is missing an update for the Huawei EulerOS...
openssl: bn_sqrx8x_internal carry bug on x86_64
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...
openssl: Read/write after SSL object in error state
OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the...
CVE-2017-3737 - Read, write after SSL object in error state. (BSA-2018-527).
Security Advisory ID: BSA-2018-527 Component: OpenSSL Revision : 3.0: Final OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake, then OpenSSL would move into the error state and would immediately fail i...
trk.newsletter.tokopedia.com Open Redirect vulnerability
Vulnerable URL: http://trk.newsletter.tokopedia.com/emW0hIAVrrPwAUZZYd8hfU/?redirecturi=https://openbugbounty.org Details: Patched: Yes, at 30.08.2017; Latest check for patch: 30.08.2017 21:40 GMT; Vulnerability type: Open Redirect; Vulnerability status: Publicly...
taxi-travel.com.tw XSS vulnerability
Vulnerable URL: http://www.taxi-travel.com.tw/main.php/newscon.php?lang=%22%3E%3Cscript%3E%20alert%27XSSPOSED%27%20%3C/script%3E=4 Details: Patched: No; Latest check for patch: 28.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: ...
parsdorfcity.de XSS vulnerability
Vulnerable URL: http://www.parsdorfcity.de/search.php Details: Patched: No; Latest check for patch: 28.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: 3485184; VIP website status: No; Check parsdorfcity.de SSL connection: Grade: F...
manchester.ac.uk XSS vulnerability
Vulnerable URL: http://www.manchester.ac.uk/connect/contact-us/index.htm Details: Patched: Yes, at 28.07.2017; Latest check for patch: 28.07.2017 13:14 GMT; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: 7846; VIP website status: Yes; Chec...
tomlinsoninquest.org.uk XSS vulnerability
Vulnerable URL: https://www.tomlinsoninquest.org.uk/search/results.aspx?k=" Details: Patched: No; Latest check for patch: 28.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: Unknown / Not calculated; VIP website status: No; Check...
chiara76.blox.pl XSS vulnerability
Vulnerable URL: http://chiara76.blox.pl/html?page=blogPublicSearch= blogPublicSearch' Details: Patched: No; Latest check for patch: 27.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: Unknown / Not calculated; VIP website status: N...
ksbm.oeaw.ac.at XSS vulnerability
Vulnerable URL: http://www.ksbm.oeaw.ac.at/scripts/php/BR.php?lang=de" Details: Patched: Yes, at 12.01.2017; Latest check for patch: 12.01.2017 14:24 GMT; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: Unknown / Not calculated; VIP website...
cachacasalinas.com.br XSS vulnerability
Vulnerable URL: http://www.cachacasalinas.com.br/home.php?lang=pt" Details: Patched: No; Latest check for patch: 27.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: 4772798; VIP website status: No; Check cachacasalinas.com.br SSL...
epson.gr XSS vulnerability
Vulnerable URL: https://www.epson.gr/search/products?search=" Details: Patched: Yes, at 08.07.2017; Latest check for patch: 08.07.2017 13:06 GMT; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: 736649; VIP website status: No; Check epson.gr...
lulic.hr XSS vulnerability
Vulnerable URL: http://www.lulic.hr/rentacar/reservation-new/ Details: Patched: Yes, at 27.07.2017; Latest check for patch: 27.07.2017 09:45 GMT; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: 2819017; VIP website status: No; Check lulic.h...